CVSS: 8.8EPSS: 0%CPEs: 4EXPL: 0CVE-2024-0840 – Grandstream UCM Series IP PBX HTTP Parameter Injection
https://notcve.org/view.php?id=CVE-2024-0840
29 Apr 2024 — The Grandstream UCM Series IP PBX before firmware version 1.0.20.52 is affected by a parameter injection vulnerability in the HTTP interface. A remote and authenticated attacker can execute arbitrary code by sending a crafted HTTP request. Authentication may be possible using a default user and password. Affected models are the UCM6202, UCM6204, UCM6208, and UCM6510. La central IP Grandstream UCM Series anterior a la versión de firmware 1.0.20.52 se ve afectada por una vulnerabilidad de inyección de parámet... • https://vulncheck.com/advisories/grand-stream-param-injection • CWE-141: Improper Neutralization of Parameter/Argument Delimiters •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-5759
https://notcve.org/view.php?id=CVE-2020-5759
17 Jul 2020 — Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via SSH. An authenticated remote attacker can execute commands as the root user by issuing a specially crafted "unset" command. Grandstream serie UCM6200 versiones de firmware 1.0.20.23 y posterior, es vulnerable a una inyección de comandos del Sistema Operativo por medio de SSH. Un atacante autenticado remoto puede ejecutar comandos como usuario root al emitir un comando "unset" especialmente diseñado • https://www.tenable.com/cve/CVE-2020-5759 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 9.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-5758
https://notcve.org/view.php?id=CVE-2020-5758
17 Jul 2020 — Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can execute commands as the root user by sending a crafted HTTP GET to the UCM's "Old" HTTPS API. Grandstream serie UCM6200 versiones de firmware 1.0.20.23 y posterior, es vulnerable a una inyección de comandos del Sistema Operativo por medio de HTTP. Un atacante autenticado remoto puede ejecutar comandos como usuario root mediante el envío de un HTTP GET diseñado ... • https://www.tenable.com/cve/CVE-2020-5758 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 10.0EPSS: 0%CPEs: 6EXPL: 0CVE-2020-5757
https://notcve.org/view.php?id=CVE-2020-5757
17 Jul 2020 — Grandstream UCM6200 series firmware version 1.0.20.23 and below is vulnerable to OS command injection via HTTP. An authenticated remote attacker can bypass command injection mitigations and execute commands as the root user by sending a crafted HTTP POST to the UCM's "New" HTTPS API. Grandstream serie UCM6200 versiones de firmware 1.0.20.23 y posterior, es vulnerable a una inyección de comandos del Sistema Operativo por medio de HTTP. Un atacante autenticado remoto puede omitir las mitigaciones de inyección... • https://www.tenable.com/cve/CVE-2020-5757 • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 3CVE-2020-5726 – Grandstream UCM6200 Series CTI Interface - 'user_password' SQL Injection
https://notcve.org/view.php?id=CVE-2020-5726
30 Mar 2020 — The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. La serie Grandstream UCM6200 versiones anteriores a 1.0.20.22, es vulnerable a una inyección SQL por medio del servidor CTI en el puerto 8888. Un atacante no autenticado remoto puede invocar la acción challenge con un nombre de usuario diseñado y detectar las contraseñas de usu... • https://packetstorm.news/files/id/156977 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 5.9EPSS: 0%CPEs: 6EXPL: 2CVE-2020-5725 – Grandstream UCM6200 Series WebSocket 1.0.20.20 SQL Injection
https://notcve.org/view.php?id=CVE-2020-5725
30 Mar 2020 — The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords. La serie Grandstream UCM6200 versiones anteriores a 1.0.20.22, es vulnerable a una inyección SQL por medio del endpoint websockify del servidor HTTP. Un atacante no autenticado remoto puede invocar la acción login con un nombre de u... • https://packetstorm.news/files/id/156976 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 6EXPL: 2CVE-2020-5724 – Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
https://notcve.org/view.php?id=CVE-2020-5724
30 Mar 2020 — The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords. La serie Grandstream UCM6200 versiones anteriores a 1.0.20.22, es vulnerable a una inyección SQL por medio del endpoint websockify del servidor HTTP. Un atacante no autenticado remoto puede invocar la acción challenge con un nombre de usuario diseñado y detectar contr... • https://packetstorm.news/files/id/180682 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 6EXPL: 2CVE-2020-5723 – Grandstream UCM62xx IP PBX WebSocket Blind SQL Injection Credential Dump
https://notcve.org/view.php?id=CVE-2020-5723
30 Mar 2020 — The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges. La serie UCM6200 versiones 1.0.20.22 y por debajo, almacena contraseñas de usuario sin cifrar en una base de datos SQLite. Esto podría permitir a un atacante recuperar todas las contraseñas y posiblemente alcanzar privilegios elevados. • https://packetstorm.news/files/id/180682 • CWE-312: Cleartext Storage of Sensitive Information •