CVE-2016-1518
CVE-2016-1518 affects the Grandstream Wave app (Android, versions up to 1.0.1.26 and earlier) and Grandstream Video IP phones. The root cause is failure to use HTTPS when downloading provisioning/configuration data from http://fm.grandstream.com/gs/, enabling a man-in-the-middle to spoof provisio...