Lucene search
+L

4 matches found

exploitpack
exploitpack
added 2020/03/31 12:0 a.m.293 views

Grandstream UCM6200 Series CTI Interface - user_password SQL Injection

Grandstream UCM6200 Series CTI Interface - userpassword SQL Injection Exploit Title: Grandstream UCM6200 Series CTI Interface - 'userpassword' SQL Injection Date: 2020-03-30 Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link:...

0.8AI score0.04226EPSS
Exploits5
0day.today
0day.today
added 2020/03/31 12:0 a.m.230 views

Grandstream UCM6200 Series CTI Interface - (user_password) SQL Injection Exploit

Exploit for hardware platform in category web applications Exploit Title: Grandstream UCM6200 Series CTI Interface - 'userpassword' SQL Injection Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link:...

5CVSS7.5AI score0.04226EPSS
Exploits5
Exploit DB
Exploit DB
added 2020/03/31 12:0 a.m.225 views

Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection

Exploit Title: Grandstream UCM6200 Series CTI Interface - 'userpassword' SQL Injection Date: 2020-03-30 Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link: http://www.grandstream.com/support/firmware/ucm62xx-official-firmware Version: 1.0.20.20 and below Teste...

7.5CVSS7.6AI score0.04226EPSS
Exploits5
CVE
CVE
added 2020/03/30 7:3 p.m.97 views

CVE-2020-5726

CVE-2020-5726 affects the Grandstream UCM6200 series prior to 1.0.20.22. A SQL injection via the CTI server on port 8888 allows a remote, unauthenticated attacker to disclose user passwords by crafting a username. Remedy: upgrade to version 1.0.20.22 or later.

7.5CVSS7.9AI score0.04226EPSS
Exploits5References2Affected Software1
Rows per page
Query Builder