What is the vulnerability ID for this Grandstream VoIP phone firmware version 1.0.3.6?

The vulnerability ID for this Grandstream VoIP phone firmware version 1.0.3.6 is CVE-2020-25218.

What is the severity level of CVE-2020-25218?

The severity level of CVE-2020-25218 is critical (9.8).

How does CVE-2020-25218 affect the Grandstream GRP261x VoIP phone?

CVE-2020-25218 allows Authentication Bypass in the administrative web interface of Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base).

How can I fix CVE-2020-25218 on my Grandstream GRP261x VoIP phone?

To fix CVE-2020-25218, you should update the firmware of your Grandstream GRP261x VoIP phone to a version that addresses the vulnerability.

Where can I find more information about CVE-2020-25218?

You can find more information about CVE-2020-25218 at the following references: [link1](https://cwe.mitre.org/data/definitions/306.html), [link2](https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0002/FEYE-2021-0002.md).

Vulnerability/
CVE-2020-25218

critical

CWE

306

29/3/2021

4/8/2024

CVE-2020-25218

First published: Mon Mar 29 2021(Updated: )

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allow Authentication Bypass in its administrative web interface.

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
Grandstream Grp2612 Firmware	=1.0.3.6
Grandstream Grp2612
Grandstream Grp2612p Firmware	=1.0.3.6
Grandstream Grp2612p
Grandstream Grp2612w Firmware	=1.0.3.6
Grandstream Grp2612w
Grandstream Grp2613 Firmware	=1.0.3.6
Grandstream Grp2613
Grandstream Grp2614 Firmware	=1.0.3.6
Grandstream Grp2614
Grandstream Grp2615 Firmware	=1.0.3.6
Grandstream Grp2615
Grandstream Grp2616 Firmware	=1.0.3.6
Grandstream Grp2616

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the vulnerability ID for this Grandstream VoIP phone firmware version 1.0.3.6?
The vulnerability ID for this Grandstream VoIP phone firmware version 1.0.3.6 is CVE-2020-25218.
What is the severity level of CVE-2020-25218?
The severity level of CVE-2020-25218 is critical (9.8).
How does CVE-2020-25218 affect the Grandstream GRP261x VoIP phone?
CVE-2020-25218 allows Authentication Bypass in the administrative web interface of Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base).
How can I fix CVE-2020-25218 on my Grandstream GRP261x VoIP phone?
To fix CVE-2020-25218, you should update the firmware of your Grandstream GRP261x VoIP phone to a version that addresses the vulnerability.
Where can I find more information about CVE-2020-25218?
You can find more information about CVE-2020-25218 at the following references: [link1](https://cwe.mitre.org/data/definitions/306.html), [link2](https://github.com/fireeye/Vulnerability-Disclosures/blob/master/FEYE-2021-0002/FEYE-2021-0002.md).

collector/nvd-index
agent/references
agent/weakness
agent/author
agent/severity
agent/type
agent/tags
agent/event
agent/description
agent/last-modified-date
agent/softwarecombine
agent/first-publish-date
collector/mitre-cve
source/MITRE
vendor/grandstream
canonical/grandstream grp2612 firmware
version/grandstream grp2612 firmware/1.0.3.6
canonical/grandstream grp2612
canonical/grandstream grp2612p firmware
version/grandstream grp2612p firmware/1.0.3.6
canonical/grandstream grp2612p
canonical/grandstream grp2612w firmware
version/grandstream grp2612w firmware/1.0.3.6
canonical/grandstream grp2612w
canonical/grandstream grp2613 firmware
version/grandstream grp2613 firmware/1.0.3.6
canonical/grandstream grp2613
canonical/grandstream grp2614 firmware
version/grandstream grp2614 firmware/1.0.3.6
canonical/grandstream grp2614
canonical/grandstream grp2615 firmware
version/grandstream grp2615 firmware/1.0.3.6
canonical/grandstream grp2615
canonical/grandstream grp2616 firmware
version/grandstream grp2616 firmware/1.0.3.6
canonical/grandstream grp2616