Input validation

2019-04-0121:29:00

PRIOn knowledge base

www.prio-n.com

9.4 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

64.7%

JSON

A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.

CPENameOperatorVersion
gxp1610_firmwareeq1.0.4.128
gxp1615_firmwareeq1.0.4.128
gxp1620_firmwareeq1.0.4.128
gxp1625_firmwareeq1.0.4.128
gxp1628_firmwareeq1.0.4.128
gxp1630_firmwareeq1.0.4.128

Name	Operator	Version
gxp1610_firmware	eq	1.0.4.128
gxp1615_firmware	eq	1.0.4.128
gxp1620_firmware	eq	1.0.4.128
gxp1625_firmware	eq	1.0.4.128
gxp1628_firmware	eq	1.0.4.128
gxp1630_firmware	eq	1.0.4.128