CVE-2020-37153
CVE-2020-37153 affects ASTPP 4.0.1. The vulnerability set includes cross-site scripting and command injection in the SIP device configuration and plugin management interfaces. Attackers could inject system commands, hijack administrator sessions, and potentially execute arbitrary code with root p...