Filtered by vendor Grandstream
Subscriptions
Filtered by product Ucm6200
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2020-5722 | 1 Grandstream | 2 Ucm6200, Ucm6200 Firmware | 2024-11-21 | 9.8 Critical |
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20 or inject HTML in password recovery emails in versions before 1.0.20.17. |
Page 1 of 1.