Vulnerability Details CVE-2020-5725
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 59.0%
CVSS Severity
CVSS v3 Score 5.9
CVSS v2 Score 4.3
References
- http://packetstormsecurity.com/files/156976/Grandstream-UCM6200-Series-WebSocket-1.0.20.20-SQL-Injection.html
- https://www.tenable.com/security/research/tra-2020-17
- http://packetstormsecurity.com/files/156976/Grandstream-UCM6200-Series-WebSocket-1.0.20.20-SQL-Injection.html
- https://www.tenable.com/security/research/tra-2020-17
Products affected by CVE-2020-5725
-
cpe:2.3:h:grandstream:ucm6202:-
-
cpe:2.3:h:grandstream:ucm6204:-
-
cpe:2.3:h:grandstream:ucm6208:-
-
cpe:2.3:o:grandstream:ucm6202_firmware:*
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.10.44
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.11.27
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.12.19
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.13.14
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.14.24
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.15.16
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.16.20
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.17.16
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.18.13
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.19.20
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.19.21
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.2.97
-
cpe:2.3:o:grandstream:ucm6204_firmware:1.0.9.97
-
cpe:2.3:o:grandstream:ucm6208_firmware:*