Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability. Unauthenticated remote attackers can execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message.
CPE | Name | Operator | Version |
---|---|---|---|
ht801_firmware | le | 1.0.17.5 | |
ht802_firmware | le | 1.0.17.5 | |
ht812_firmware | le | 1.0.17.5 | |
ht813_firmware | le | 1.0.17.5 | |
ht814_firmware | le | 1.0.17.5 | |
ht818_firmware | le | 1.0.17.5 |