11 matches found
CVE-2020-5726
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords...
CVE-2020-5757
Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can bypass command injection mitigations and execute commands as the root user by sending a crafted HTTP POST to the UCM's "New" HTTPS API...
CVE-2020-5724
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords...
CVE-2020-5723
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges...
Grandstream UCM6200 Series WebSocket 1.0.20.20 - user_password SQL Injection
Grandstream UCM6200 Series WebSocket 1.0.20.20 - userpassword SQL Injection Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'userpassword' SQL Injection Date: 2020-03-30 Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link:...
Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'user_password' SQL Injection
Exploit Title: Grandstream UCM6200 Series WebSocket 1.0.20.20 - 'userpassword' SQL Injection Date: 2020-03-30 Exploit Author: Jacob Baines Vendor Homepage: http://www.grandstream.com/ Software Link: http://www.grandstream.com/support/firmware/ucm62xx-official-firmware Version: 1.0.20.20 and below...
Grandstream UCM6200 SQL Injection Vulnerability
The Grandstream UCM6200 is an enterprise-class switch for IP telephony communications from Grandstream. A SQL injection vulnerability exists in the Grandstream UCM6200 series prior to version 1.0.20.22. The vulnerability stems from a database-based application that lacks validation of externally...
CVE-2020-5723
The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges...
CVE-2020-5725
CVE-2020-5725 affects Grandstream UCM6200 series prior to version 1.0.20.22. The vulnerability is an SQL injection in the HTTP server’s websockify endpoint that allows a remote, unauthenticated attacker to trigger a login action with a crafted username and, via timing attacks, disclose user passw...
CVE-2020-5723
CVE-2020-5723 affects Grandstream UCM62xx/UCM6200 series (firmware 1.0.20.22 and earlier). Root cause: unencrypted user passwords stored in an SQLite database, enabling an attacker to retrieve passwords and potentially gain elevated privileges. Connected documents also reference related CVE-2020-...
CVE-2020-5722
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions befo...