CVE-2019-10658
https://notcve.org/view.php?id=CVE-2019-10658
Grandstream GWN7610 before 1.0.8.18 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/controller.icc.update_nds_webroot_from_tmp update_nds_webroot_from_tmp API call. Los dispositivos Grandstream GWN7610, en versiones anteriores a la 1.0.8.18, permiten a los usuarios remotos ejecutar código arbitrario mediante metacaracteres shell en el nombre de archivo en una llamada API en /ubus/controller.icc.update_nds_webroot_from_tmp update_nds_webroot_from_tmp. • https://github.com/scarvell/grandstream_exploits https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-10657
https://notcve.org/view.php?id=CVE-2019-10657
Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 devices allow remote authenticated users to discover passwords via a /ubus/uci.apply config request. Los dispositivos Grandstream GWN7000, en versiones anteriores a la 1.0.6.32, y Grandstream GWN7610, en versiones anteriores a la 1.0.8.18, permite a los usuarios remotos autenticados descubrir contraseñas mediante una petición de configuración en /ubus/uci.apply. • https://github.com/scarvell/grandstream_exploits https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-10656
https://notcve.org/view.php?id=CVE-2019-10656
Grandstream GWN7000 before 1.0.6.32 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the filename in a /ubus/uci.apply update_nds_webroot_from_tmp API call. Los dispositivos Grandstream GWN7000, en versiones anteriores a la 1.0.6.32, permiten a los usuarios remotos ejecutar código arbitrario mediante metacaracteres shell en el nombre de archivo en una llamada API en /ubus/uci.apply update_nds_webroot_from_tmp. • https://github.com/scarvell/grandstream_exploits https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVE-2019-10655 – Grandstream GXV31XX settimezone Unauthenticated Command Execution
https://notcve.org/view.php?id=CVE-2019-10655
Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 before 1.0.3.219 Beta, and GXV3240 before 1.0.3.219 Beta devices allow unauthenticated remote code execution via shell metacharacters in a /manager?action=getlogcat priority field, in conjunction with a buffer overflow (via the phonecookie cookie) to overwrite a data structure and consequently bypass authentication. This can be exploited remotely or via CSRF because the cookie can be placed in an Accept HTTP header in an XMLHttpRequest call to lighttpd. Los dispositivos de Grandstream GAC2500 1.0.3.35, GXP2200 1.0.3.27, GVC3202 1.0.3.51, GXV3275 anteriores a la versión 1.0.3.219 Beta y GXV3240 anteriores a la 1.0.3.219 Beta permiten la ejecución remota de código mediante metacaracteres shell en un campo "priority" en /manager?action=getlogcat, en conjunto con un desbordamiento de búfer (mediante la cookie "phonecookie") para sobrescribir una estructura de datos y, por consiguiente, omitir la autenticación. • http://packetstormsecurity.com/files/165643/Grandstream-GXV3175-Unauthenticated-Command-Execution.html http://packetstormsecurity.com/files/165931/Grandstream-GXV31XX-settimezone-Unauthenticated-Command-Execution.html https://github.com/scarvell/grandstream_exploits https://www.trustwave.com/en-us/resources/security-resources/security-advisories/?fid=23920&dl=1 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-352: Cross-Site Request Forgery (CSRF) •
CVE-2017-16565
https://notcve.org/view.php?id=CVE-2017-16565
Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests. Cross-Site Request Forgery (CSRF) en /cgi-bin/login en dispositivos Vonage (Grandstream) HT802 permite que atacantes autentiquen a un usuario mediante la pantalla de login empleando la contraseña por defecto 123 y enviando peticiones arbitrarias. • https://distributedcompute.com/2017/11/04/vonage-ht802-multiple-vulnerabilities • CWE-352: Cross-Site Request Forgery (CSRF) •