CVE-2019-10660

Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:grandstream:gxv3611ir_hd_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:gxv3611ir_hd:-:*:*:*:*:*:*:*

Information

Published : 2019-03-30 10:29

Updated : 2023-03-01 06:50


NVD link : CVE-2019-10660

Mitre link : CVE-2019-10660


JSON object : View

CWE
CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Advertisement

dedicated server usa

Products Affected

grandstream

  • gxv3611ir_hd_firmware
  • gxv3611ir_hd