CVE-2020-5761

Summary

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service.

Affected Software

VendorProductVersion RangeStatus
n/aGrandstream HT800 SeriesVersions 1.0.17.5 and belowaffected

Weaknesses

  • CWE-835: CWE-835

ADP Enrichment

CVE Program Container

Additional References

References