2 matches found
Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution
This module exploits a command injection vulnerability in Grandstream GXV31XX IP multimedia phones. The 'settimezone' action does not validate input in the 'timezone' parameter allowing injection of arbitrary commands. A buffer overflow in the 'phonecookie' cookie parsing allows authentication to...
Grandstream GXV31XX settimezone Unauthenticated Command Execution
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "Grandstream GXV31XX 'settimezone' Unauthenticated Command Execution", 'Description' = %q This module exploits a command injection vulnerability i...