CVE-2018-17564

moderate-risk

Published 2019-04-01

A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.

Do I need to act?

0.61% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 9.8/10 Critical

NETWORK / LOW complexity

Affected Products (6)

Gxp1610 Firmware

Gxp1615 Firmware

Gxp1620 Firmware

Gxp1625 Firmware

Gxp1628 Firmware

Gxp1630 Firmware

Affected Vendors

Grandstream

References (4)

Vendor Advisory http://grandstream.com/support/firmware

https://iridiumxor.wordpress.com/2019/01/03/three-simple-cves-for-a-good-voip-ph...

Vendor Advisory http://grandstream.com/support/firmware

https://iridiumxor.wordpress.com/2019/01/03/three-simple-cves-for-a-good-voip-ph...

/ 100

moderate-risk

Severity 32/34 · Critical

Exploitability 2/34 · Minimal

Exposure 13/34 · Low