CVE-2016-1520
The CVE-2016-1520 issue affects the Grandstream Wave Android app (1.0.1.26 and earlier). The root cause is that update information is retrieved over HTTP instead of HTTPS, enabling a man-in-the-middle to craft updates and potentially execute arbitrary code on the device. Public details indicate t...