2 matches found
Grandstream IP PBX Appliance UCM6204 < 1.0.19.20 RCE
Binary data 700492.prm...
CVE-2019-10663
Grandstream UCM6204 is affected by CVE-2019-10663. Before version 1.0.19.20, remote authenticated users can perform a SQL injection via the sord parameter in the listCodeblueGroup API call to the /cgi? URI. Impact details are described across multiple sources, with the vulnerability enabling unin...