74 matches found

Nuclei
added 13 hours ago | 18 views

Grandstream UCM6200 - SQL Injection

Grandstream UCM6200 series contains an unauthenticated remote SQL injection caused by crafted HTTP requests, letting attackers execute shell commands as root on versions before 1.0.19.20 or inject HTML in emails before 1.0.20.17. id: CVE-2020-5722 info: name: Grandstream UCM6200 - SQL Injection...

CVSS 10 | AI score 8.2 | EPSS 0.92735
Exploits 8 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-26885

Malware in sbrugna...

CVSS 7.5 | AI score 7.5 | EPSS 0.06357
Exploits 5 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 4 views

EUVD-2020-26917

Malware in sbrugna...

CVSS 9 | AI score 8.6 | EPSS 0.04974
Exploits 0 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-26884

Malware in sbrugna...

CVSS 5.9 | AI score 5.8 | EPSS 0.00389
Exploits 5 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 1 view

EUVD-2020-26918

Malware in sbrugna...

CVSS 10 | AI score 9.2 | EPSS 0.10188
Exploits 0 | References 2

RedhatCVE
added 2025/05/22 5:42 p.m. | 4 views

CVE-2020-5722

The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions befo...

CVSS 10 | AI score 8.3 | EPSS 0.92735
Exploits 8 | References 1

RedhatCVE
added 2025/05/22 5:41 p.m. | 4 views

CVE-2020-5726

The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords...

CVSS 7.5 | AI score 8 | EPSS 0.06357
Exploits 5 | References 1

RedhatCVE
added 2025/05/22 4:43 p.m. | 4 views

CVE-2020-5725

The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords...

CVSS 5.9 | AI score 8 | EPSS 0.00389
Exploits 5 | References 1

RedhatCVE
added 2025/05/22 4:43 p.m. | 6 views

CVE-2020-5759

Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via SSH. An authenticated remote attacker can execute commands as the root user by issuing a specially crafted "unset" command...

CVSS 10 | AI score 7.9 | EPSS 0.10188
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 4:43 p.m. | 4 views

CVE-2020-5758

Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API...

CVSS 9 | AI score 7.9 | EPSS 0.04974
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 4:43 p.m. | 8 views

CVE-2020-5757

Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can bypass command injection mitigations and execute commands as the root user by sending a crafted HTTP POST to the UCM's "New" HTTPS API...

CVSS 10 | AI score 7.9 | EPSS 0.22478
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 3:39 p.m. | 7 views

CVE-2020-5724

The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords...

CVSS 7.5 | AI score 8 | EPSS 0.6003
Exploits 3 | References 1

RedhatCVE
added 2025/05/22 3:39 p.m. | 8 views

CVE-2020-5723

The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges...

CVSS 9.8 | AI score 7 | EPSS 0.51792
Exploits 3 | References 1

Tenable Nessus
added 2022/05/05 12:0 a.m. | 208 views

Grandstream Networks UCM6200 Series SQLi (Web UI)

A SQL injection vulnerability exists in Grandstream UCM6200 Series devices. An unauthenticated, remote attacker can exploit this to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. Note that Nessus has not tested...

CVSS 10 | AI score 8.7 | EPSS 0.92735
Exploits 8 | References 2

Tenable Nessus
added 2022/05/05 12:0 a.m. | 65 views

Grandstream Networks UCM6200 Series SQLi (Phone Web UI)

A SQL injection vulnerability exists in Grandstream UCM6200 Series devices. An unauthenticated, remote attacker can exploit this to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. Note that Nessus has not tested...

CVSS 10 | AI score 8.7 | EPSS 0.92735
Exploits 8 | References 2

Tenable Nessus
added 2022/05/05 12:0 a.m. | 215 views

Grandstream Networks UCM6200 Series SQLi (SIP)

A SQL injection vulnerability exists in Grandstream UCM6200 Series devices. An unauthenticated, remote attacker can exploit this to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. Note that Nessus has not tested...

CVSS 10 | AI score 8.7 | EPSS 0.92735
Exploits 8 | References 2

CISA KEV Catalog
added 2022/01/28 12:0 a.m. | 42 views

Grandstream Networks UCM6200 Series SQL Injection Vulnerability

Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root...

CVSS 10 | AI score 3 | EPSS 0.92735
In wild | Exploits 8

CNVD
added 2020/07/21 12:0 a.m. | 0 views

Grandstream UCM6200 Series OS Command Injection Vulnerability (CNVD-2020-44351)

The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. An OS command injection vulnerability exists in the Grandstream UCM6200 series versions 1.0.20.23 and earlier. A remote authenticated attacker can exploit this vulnerability by sending a...

CVSS 10 | AI score 7.9 | EPSS 0.22478
Exploits 0 | References 1

CNVD
added 2020/07/21 12:0 a.m. | 2 views

Grandstream UCM6200 Series OS Command Injection Vulnerability

The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. An OS command injection vulnerability exists in the Grandstream UCM6200 series versions 1.0.20.23 and earlier. The vulnerability can be exploited to execute commands as root by issuing speciall...

CVSS 10 | AI score 8.1 | EPSS 0.10188
Exploits 0 | References 1

CNVD
added 2020/07/21 12:0 a.m. | 0 views

Grandstream UCM6200 Series OS Command Injection Vulnerability (CNVD-2020-44352)

The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. An OS command injection vulnerability exists in the Grandstream UCM6200 series versions 1.0.20.23 and earlier. This vulnerability can be exploited by an attacker to execute commands as root by...

CVSS 9 | AI score 8 | EPSS 0.04974
Exploits 0 | References 1