Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Grandstream Subscribe
Filtered by product Gxv3504
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-3542 1 Grandstream 26 Gxv3500, Gxv3500 Firmware, Gxv3501 and 23 more 2019-12-19 10.0 HIGH 10.0 CRITICAL
Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session.
CVE-2013-3962 1 Grandstream 11 Gxv3500, Gxv3501, Gxv3504 and 8 more 2013-10-02 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models before firmware 1.0.4.44, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2013-3963 1 Grandstream 11 Gxv3500, Gxv3501, Gxv3504 and 8 more 2013-10-02 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.