CVE List

CVE-2020-5760

Critical 7.8

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability. Unauthenticated remote attackers can execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message.

Published July 29, 2020.

Affected software

Grandstream Ht802 Firmware

Grandstream Ht813 Firmware

Grandstream Ht801 Firmware

Grandstream Ht818 Firmware

Grandstream Ht814 Firmware

Grandstream Ht812 Firmware

Reference links

Sign Up for Alerts