4 matches found
CVE-2019-10662
Grandstream UCM6204 before 1.0.19.20 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter to the /cgi? URI...
CVE-2019-10662
creationtimestamp| type| source ---|---|--- 2025-02-06 03:13:43+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23 04:10:11+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2026-07-08 14:07:06+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mq5c4wfd3k2o...
Grandstream IP PBX Appliance UCM6204 < 1.0.19.20 RCE
Binary data 700492.prm...
CVE-2019-10662
CVE-2019-10662 affects Grandstream UCM6204 devices running firmware prior to 1.0.19.20. The issue lets remote authenticated users execute arbitrary code via shell metacharacters in the backupUCMConfig file-backup parameter sent to the /cgi? URI. Root cause appears to be a command execution vulner...