CVE-2020-5760

Summary

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability. Unauthenticated remote attackers can execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message.

Affected Software

VendorProductVersion RangeStatus
n/aGrandstream HT800 SeriesVersions 1.0.17.5 and belowaffected

Weaknesses

  • CWE-78: CWE-78

ADP Enrichment

CVE Program Container

Additional References

References