CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5739

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defined script is executed with root privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 86.6%

CVSS Severity

CVSS v3 Score 8.8

CVSS v2 Score 9.0

References

Products affected by CVE-2020-5739

Grandstream » Gxp1610 » Version: N/A

cpe:2.3:h:grandstream:gxp1610:-
Grandstream » Gxp1615 » Version: N/A

cpe:2.3:h:grandstream:gxp1615:-
Grandstream » Gxp1620 » Version: N/A

cpe:2.3:h:grandstream:gxp1620:-
Grandstream » Gxp1625 » Version: N/A

cpe:2.3:h:grandstream:gxp1625:-
Grandstream » Gxp1628 » Version: N/A

cpe:2.3:h:grandstream:gxp1628:-
Grandstream » Gxp1630 » Version: N/A

cpe:2.3:h:grandstream:gxp1630:-
Grandstream » Gxp1610 Firmware » Version: 1.0.4.100

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.100
Grandstream » Gxp1610 Firmware » Version: 1.0.4.106

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.106
Grandstream » Gxp1610 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.128
Grandstream » Gxp1610 Firmware » Version: 1.0.4.132

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.132
Grandstream » Gxp1610 Firmware » Version: 1.0.4.140

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.140
Grandstream » Gxp1610 Firmware » Version: 1.0.4.152

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.152
Grandstream » Gxp1610 Firmware » Version: 1.0.4.82

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.82
Grandstream » Gxp1610 Firmware » Version: 1.0.4.88

cpe:2.3:o:grandstream:gxp1610_firmware:1.0.4.88
Grandstream » Gxp1615 Firmware » Version: 1.0.4.100

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.100
Grandstream » Gxp1615 Firmware » Version: 1.0.4.106

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.106
Grandstream » Gxp1615 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.128
Grandstream » Gxp1615 Firmware » Version: 1.0.4.132

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.132
Grandstream » Gxp1615 Firmware » Version: 1.0.4.140

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.140
Grandstream » Gxp1615 Firmware » Version: 1.0.4.152

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.152
Grandstream » Gxp1615 Firmware » Version: 1.0.4.82

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.82
Grandstream » Gxp1615 Firmware » Version: 1.0.4.88

cpe:2.3:o:grandstream:gxp1615_firmware:1.0.4.88
Grandstream » Gxp1620 Firmware » Version: 1.0.4.100

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.100
Grandstream » Gxp1620 Firmware » Version: 1.0.4.106

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.106
Grandstream » Gxp1620 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.128
Grandstream » Gxp1620 Firmware » Version: 1.0.4.132

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.132
Grandstream » Gxp1620 Firmware » Version: 1.0.4.140

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.140
Grandstream » Gxp1620 Firmware » Version: 1.0.4.152

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.152
Grandstream » Gxp1620 Firmware » Version: 1.0.4.82

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.82
Grandstream » Gxp1620 Firmware » Version: 1.0.4.88

cpe:2.3:o:grandstream:gxp1620_firmware:1.0.4.88
Grandstream » Gxp1625 Firmware » Version: 1.0.4.100

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.100
Grandstream » Gxp1625 Firmware » Version: 1.0.4.106

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.106
Grandstream » Gxp1625 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.128
Grandstream » Gxp1625 Firmware » Version: 1.0.4.132

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.132
Grandstream » Gxp1625 Firmware » Version: 1.0.4.140

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.140
Grandstream » Gxp1625 Firmware » Version: 1.0.4.152

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.152
Grandstream » Gxp1625 Firmware » Version: 1.0.4.82

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.82
Grandstream » Gxp1625 Firmware » Version: 1.0.4.88

cpe:2.3:o:grandstream:gxp1625_firmware:1.0.4.88
Grandstream » Gxp1628 Firmware » Version: 1.0.4.100

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.100
Grandstream » Gxp1628 Firmware » Version: 1.0.4.106

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.106
Grandstream » Gxp1628 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.128
Grandstream » Gxp1628 Firmware » Version: 1.0.4.132

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.132
Grandstream » Gxp1628 Firmware » Version: 1.0.4.140

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.140
Grandstream » Gxp1628 Firmware » Version: 1.0.4.152

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.152
Grandstream » Gxp1628 Firmware » Version: 1.0.4.82

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.82
Grandstream » Gxp1628 Firmware » Version: 1.0.4.88

cpe:2.3:o:grandstream:gxp1628_firmware:1.0.4.88
Grandstream » Gxp1630 Firmware » Version: 1.0.4.100

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.100
Grandstream » Gxp1630 Firmware » Version: 1.0.4.106

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.106
Grandstream » Gxp1630 Firmware » Version: 1.0.4.128

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.128
Grandstream » Gxp1630 Firmware » Version: 1.0.4.132

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.132
Grandstream » Gxp1630 Firmware » Version: 1.0.4.140

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.140
Grandstream » Gxp1630 Firmware » Version: 1.0.4.152

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.152
Grandstream » Gxp1630 Firmware » Version: 1.0.4.82

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.82
Grandstream » Gxp1630 Firmware » Version: 1.0.4.88

cpe:2.3:o:grandstream:gxp1630_firmware:1.0.4.88

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-5739

Products

Pricing

Contact Us