CVE-2020-5738

Summary

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface.

Affected Software

VendorProductVersion RangeStatus
n/aGrandstream GXP1600 Series1.0.4.152 and belowaffected

Weaknesses

  • CWE-59: CWE-59

ADP Enrichment

CVE Program Container

Additional References

References