CVE-2020-25217

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection as root in its administrative web interface.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:grandstream:grp2612_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2612:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:grandstream:grp2612p_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2612p:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:grandstream:grp2612w_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2612w:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:grandstream:grp2613_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2613:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:grandstream:grp2614_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2614:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:grandstream:grp2615_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2615:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:grandstream:grp2616_firmware:1.0.3.6:*:*:*:*:*:*:*
cpe:2.3:h:grandstream:grp2616:-:*:*:*:*:*:*:*

Information

Published : 2021-03-29 10:15

Updated : 2022-10-05 09:40


NVD link : CVE-2020-25217

Mitre link : CVE-2020-25217


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

grandstream

  • grp2612_firmware
  • grp2612p
  • grp2612p_firmware
  • grp2616
  • grp2612
  • grp2615
  • grp2613_firmware
  • grp2615_firmware
  • grp2612w_firmware
  • grp2616_firmware
  • grp2614_firmware
  • grp2613
  • grp2614
  • grp2612w