CVE-2020-5759
N/A
N/A
Summary
Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via SSH. An authenticated remote attacker can execute commands as the root user by issuing a specially crafted "unset" command.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | Grandstream UCM6200 Series | Versions 1.0.20.23 and below | affected |
Weaknesses
- CWE-78: CWE-78
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.