4 matches found
CVE-2020-5758
Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API...
CVE-2020-5758
Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API...
CVE-2020-5758
Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API...
CVE-2020-5758
Grandstream UCM6200 series firmware versions 1.0.20.23 and earlier are vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as root by sending a crafted HTTP GET to the UCM’s “Old” HTTPS API. Affected: UCM6200 series (firmware ≤1.0.20.23). Impact and ...