Lucene search
K

17 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:37 p.m.8 views

CVE-2023-50015

An issue was discovered in Grandstream GXP14XX 1.0.8.9 and GXP16XX 1.0.7.13, allows remote attackers to escalate privileges via incorrect access control using an end-user session-identity token...

8.8CVSS7.3AI score0.00386EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2018-9316

Malware in sbrugna...

5.3CVSS5.5AI score0.00699EPSS
Exploits0References3
CNVD
CNVD
added 2019/04/02 12:0 a.m.2 views

Grandstream GXP16xx Shell Metacharacter Injection Vulnerability

The Grandstream GXP16xx VoIP is a 16XX series IP phone from Grandstream. A shell metacharacter injection vulnerability exists in the SSH configuration interface of the Grandstream GXP16xx 1.0.4.128, which can be exploited by an attacker to execute arbitrary system commands and obtain a root shell...

10CVSS8AI score0.01935EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/02 12:0 a.m.3 views

Grandstream GXP16xx Information Disclosure Vulnerability

The Grandstream GXP16xx VoIP is a 16XX series IP phone from Grandstream. An information disclosure vulnerability exists in /cgi-bin/api-getlinestatus in the Grandstream GXP16xx 1.0.4.128, which can be exploited by an attacker to dump the device's configuration in plaintext via a malformed input...

5.3CVSS6.3AI score0.00699EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/02 12:0 a.m.5 views

Grandstream GXP16xx Elevation of Privilege Vulnerability

The Grandstream GXP16xx VoIP is a 16XX series IP phone from Grandstream. An elevation of privilege vulnerability exists in /cgi-bin/deleteCA in Grandstream GXP16xx 1.0.4.128, which can be exploited to delete configuration parameters and gain administrator access to the device via a malformed inpu...

9.8CVSS7.3AI score0.01582EPSS
Exploits0References1
NVD
NVD
added 2019/04/01 9:29 p.m.21 views

CVE-2018-17564

A Malformed Input String to /cgi-bin/deleteCA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device...

9.8CVSS9.5AI score0.01582EPSS
Exploits0References2
NVD
NVD
added 2019/04/01 9:29 p.m.21 views

CVE-2018-17565

Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell...

10CVSS10AI score0.01935EPSS
Exploits0References2
OSV
OSV
added 2019/04/01 9:29 p.m.5 views

CVE-2018-17565

Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell...

9.8CVSS6AI score0.01935EPSS
Exploits0References2
OSV
OSV
added 2019/04/01 9:29 p.m.7 views

CVE-2018-17563

A Malformed Input String to /cgi-bin/api-getlinestatus on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext...

5.3CVSS5.8AI score0.00699EPSS
Exploits0References2
NVD
NVD
added 2019/04/01 9:29 p.m.16 views

CVE-2018-17563

A Malformed Input String to /cgi-bin/api-getlinestatus on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext...

5.3CVSS5.3AI score0.00699EPSS
Exploits0References2
Prion
Prion
added 2019/04/01 9:29 p.m.12 views

Design/Logic Flaw

Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell...

10CVSS9.9AI score0.01935EPSS
Exploits0References2Affected Software6
Prion
Prion
added 2019/04/01 9:29 p.m.13 views

Input validation

A Malformed Input String to /cgi-bin/api-getlinestatus on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext...

5CVSS5.3AI score0.00699EPSS
Exploits0References2Affected Software6
CVE
CVE
added 2019/04/01 8:51 p.m.54 views

CVE-2018-17565

The CVE-2018-17565 entry concerns a Shell Metacharacter Injection vulnerability in the SSH configuration interface of Grandstream GXP16xx VoIP phones (firmware 1.0.4.128). The vulnerability allows an attacker to execute arbitrary system commands and obtain a root shell. Public documents identify ...

10CVSS9.8AI score0.01935EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/04/01 8:51 p.m.20 views

CVE-2018-17565

Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell...

10AI score0.01935EPSS
Exploits0References2
Cvelist
Cvelist
added 2019/04/01 8:50 p.m.14 views

CVE-2018-17564

A Malformed Input String to /cgi-bin/deleteCA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device...

9.6AI score0.01582EPSS
Exploits0References2
CVE
CVE
added 2019/04/01 8:49 p.m.47 views

CVE-2018-17563

The CVE-2018-17563 vulnerability affects Grandstream GXP16xx VoIP phones (example 1.0.4.128). A malformed input string to /cgi-bin/api-get_line_status allows an attacker to dump the device configuration in plaintext, constituting an information disclosure issue. The root cause is a malformed inpu...

5.3CVSS5.2AI score0.00699EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2019/04/01 8:49 p.m.14 views

CVE-2018-17563

A Malformed Input String to /cgi-bin/api-getlinestatus on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext...

5.3AI score0.00699EPSS
Exploits0References2
Rows per page
Query Builder