3 matches found
CVE-2019-10660
Grandstream GXV3611IRHD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field...
CVE-2019-10660
Grandstream GXV3611IRHD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field...
CVE-2019-10660
The CVE-2019-10660 affects Grandstream GXV3611IR_HD devices, documented as vulnerable before firmware 1.0.3.23. A remote attacker with authentication can execute arbitrary code by supplying shell metacharacters in the logserver field of the /goform/systemlog API. The issue is a remote code execut...