Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field.
CPE | Name | Operator | Version |
---|---|---|---|
gxv3370_firmware | lt | 1.0.1.41 | |
wp820_firmware | lt | 1.0.3.6 |