4 matches found
CVE-2026-2329
An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution RCE with root privileges on a target device. The vulnerability affects all six...
CVE-2025-28170
Grandstream Networks GXP1628 =1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files...
CVE-2025-28170
Grandstream Networks GXP1628 =1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files...
CVE-2025-28170
Grandstream Networks GXP1628 =1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files...