Lucene search
K

13 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2019-2463

Malware in sbrugna...

8.8CVSS8.8AI score0.28139EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 10:24 a.m.10 views

CVE-2019-10663

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to conduct SQL injection attacks via the sord parameter in a listCodeblueGroup API call to the /cgi? URI...

8.8CVSS7.6AI score0.28139EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:7 a.m.9 views

CVE-2019-10662

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI...

9CVSS7.7AI score0.43762EPSS
Exploits3References1
Tenable Nessus
Tenable Nessus
added 2019/04/05 12:0 a.m.34 views

Grandstream IP PBX Appliance UCM6204 < 1.0.19.20 RCE

Binary data 700492.prm...

9CVSS8.9AI score0.43762EPSS
Exploits3References5
CNVD
CNVD
added 2019/04/02 12:0 a.m.3 views

Grandstream UCM6204 SQL Injection Vulnerability

The Grandstream UCM6204 is an IP PBX Private Branch eXchange device from Grandstream. A SQL injection vulnerability exists in the Grandstream UCM6204 prior to version 1.0.19.20, which arises from a database-based application that lacks validation of externally entered SQL statements. An attacker...

8.8CVSS8.1AI score0.28139EPSS
Exploits0References1
CNVD
CNVD
added 2019/04/02 12:0 a.m.5 views

Grandstream UCM6204 Command Injection Vulnerability

The Grandstream UCM6204 is an IP PBX Private Branch eXchange device from Grandstream. A security vulnerability exists in the Grandstream UCM6204 versions prior to 1.0.19.20. An attacker can exploit the vulnerability to execute illegal commands...

9CVSS7.1AI score0.43762EPSS
Exploits3References1
Prion
Prion
added 2019/03/30 5:29 p.m.23 views

Code injection

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI...

9CVSS9.3AI score0.43762EPSS
Exploits3References2Affected Software1
NVD
NVD
added 2019/03/30 5:29 p.m.35 views

CVE-2019-10662

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI...

9CVSS8.8AI score0.43762EPSS
Exploits3References2
OSV
OSV
added 2019/03/30 5:29 p.m.3 views

CVE-2019-10663

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to conduct SQL injection attacks via the sord parameter in a listCodeblueGroup API call to the /cgi? URI...

8.8CVSS7.4AI score0.28139EPSS
Exploits0References1
CVE
CVE
added 2019/03/30 4:43 p.m.57 views

CVE-2019-10663

Grandstream UCM6204 is affected by CVE-2019-10663. Before version 1.0.19.20, remote authenticated users can perform a SQL injection via the sord parameter in the listCodeblueGroup API call to the /cgi? URI. Impact details are described across multiple sources, with the vulnerability enabling unin...

8.8CVSS9AI score0.28139EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2019/03/30 4:43 p.m.34 views

CVE-2019-10662

Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI...

9.3AI score0.43762EPSS
Exploits3References2
CVE
CVE
added 2019/03/30 4:43 p.m.77 views

CVE-2019-10662

CVE-2019-10662 affects Grandstream UCM6204 devices running firmware prior to 1.0.19.20. The issue lets remote authenticated users execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter sent to the /cgi? URI. Root cause appears to be a command execution vulner...

9CVSS9.2AI score0.43762EPSS
Exploits3References2Affected Software1
Positive Technologies
Positive Technologies
added 2019/03/30 12:0 a.m.4 views

PT-2019-11975 · Grandstream · Grandstream Ucm6204

Name of the Vulnerable Software and Affected Versions: Grandstream UCM6204 version 1.0.19.20 and earlier Description: The issue allows remote authenticated users to execute arbitrary code via shell metacharacters in the file-backup parameter to the "/cgi" API endpoint. Recommendations: For...

9CVSS8.7AI score0.43762EPSS
Exploits3References3
Rows per page
Query Builder