Ht802 Firmware@- Security Vulnerabilities and Issues — Ht802 Firmware@- CVE List

Lucene search

GrandstreamHt802 Firmware-

3 matches found

CVE•added 2017/11/06 8:29 a.m.•39 views

CVE-2017-16563

Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to cgi-bin/update.

8CVSS7.8AI score0.00128EPSS

CVE•added 2017/11/06 8:29 a.m.•36 views

CVE-2017-16565

Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests.

8.8CVSS8.8AI score0.00138EPSS

CVE•added 2017/11/06 8:29 a.m.•31 views

CVE-2017-16564

Stored Cross-site scripting (XSS) vulnerability in /cgi-bin/config2 on Vonage (Grandstream) HT802 devices allows remote authenticated users to inject arbitrary web script or HTML via the DHCP vendor class ID field (P148).

5.4CVSS5.1AI score0.0015EPSS