26 matches found
Metasploit Wrap-Up 02/27/2026
No Prob-ollama This release brings some serious firepower with multiple new exploit modules and critical vulnerability support! The standout additions are the Ollama path traversal RCE CVE-2024-37032, a sophisticated exploit chaining arbitrary file writes into unauthenticated root RCE, and the...
GrandStream GXP1600 Gather Credentials
This gather module works against Grandstream GXP1600 series VoIP devices and can collect HTTP, SIP, and TR-069 credentials from a device. You can first leverage the exploit/linux/http/grandstreamgxp1600unauthrce exploit module to get a root session on a target GXP1600 series device before running...
GrandStream GXP1600 proxy SIP traffic
This capture module works against Grandstream GXP1600 series VoIP devices and can reconfigure the device to use an arbitrary SIP proxy. You can first leverage the exploit/linux/http/grandstreamgxp1600unauthrce exploit module to get a root session on a target GXP1600 series device before running...
GrandStream GXP1600 Unauthenticated Remote Code Execution
An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution RCE with root privileges on a target device. The vulnerability affects all six...
📄 GrandStream GXP1600 Unauthenticated Remote Code Execution
An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution RCE with root privileges on a target device. The vulnerability affects all six...
Grandstream GXP1600 VoIP Phones Exposed to Unauthenticated Remote Code Execution
Cybersecurity researchers have disclosed a critical security flaw in the Grandstream GXP1600 series of VoIP phones that could allow an attacker to seize control of susceptible devices. The vulnerability, tracked as CVE-2026-2329 , carries a CVSS score of 9.3 out of a maximum of 10.0. It has been...
CVE-2026-2329 Grandstream GXP1600 VoIP Phones - Unauthenticated stack buffer overflow
An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution RCE with root privileges on a target device. The vulnerability affects all six...
CVE-2026-2329: Critical Unauthenticated Stack Buffer Overflow in Grandstream GXP1600 VoIP Phones (FIXED)
Overview Rapid7 Labs conducted a zero-day research project against the Grandstream GXP1600 series of Voice over Internet Protocol VoIP phones. This research resulted in the discovery of a critical unauthenticated stack-based buffer overflow vulnerability, CVE-2026-2329. A remote attacker can...
EUVD-2020-26898
Malware in sbrugna...
EUVD-2020-26897
Malware in sbrugna...
CVE-2020-5739
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defin...
CVE-2020-5738
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/uploadvpntar interface...
Grandstream GXP1600 Remote Code Execution (CVE-2020-5738)
A remote code execution vulnerability exists in Grandstream GXP1600. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
Grandstream GXP1600 Code Injection Vulnerability
The Grandstream GXP1600 is an IP phone product from Grandstream. A code injection vulnerability exists in the Grandstream GXP1600 series using firmware version 1.0.4.152 and earlier. The vulnerability can be exploited to add arbitrary OpenVPN configuration settings to a configuration file with th...
Grandstream GXP1600 Backlink Vulnerability
The Grandstream GXP1600 is an IP phone product from Grandstream. A backlink vulnerability exists in the Grandstream GXP1600 series using firmware version 1.0.4.152 and earlier. The vulnerability can be exploited to execute arbitrary scripts and gain root privileges by uploading a specially crafte...
Grandstream GXP1600 Series IP Phones <= 1.0.4.152 Multiple RCE Vulnerabilities
Grandstream GXP1600 Series IP Phones are prone to multiple remote code execution RCE vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...
CVE-2020-5739
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defin...
CVE-2020-5739
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defin...
CVE-2020-5738
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/uploadvpntar interface...
CVE-2020-5738
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/uploadvpntar interface...