CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17564

A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 65.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

Products affected by CVE-2018-17564

Grandstream » Gxp1610 » Version: N/A

cpe:2.3:h:grandstream:gxp1610:-
Grandstream » Gxp1615 » Version: N/A

cpe:2.3:h:grandstream:gxp1615:-
Grandstream » Gxp1620 » Version: N/A

cpe:2.3:h:grandstream:gxp1620:-
Grandstream » Gxp1625 » Version: N/A

cpe:2.3:h:grandstream:gxp1625:-
Grandstream » Gxp1628 » Version: N/A

cpe:2.3:h:grandstream:gxp1628:-
Grandstream » Gxp1630 » Version: N/A

cpe:2.3:h:grandstream:gxp1630:-
Grandstream » Gxp1610 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.128
Grandstream » Gxp1615 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.128
Grandstream » Gxp1620 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.128
Grandstream » Gxp1625 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.128
Grandstream » Gxp1628 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.128
Grandstream » Gxp1630 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.128

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-17564

Products

Pricing

Contact Us