CVE-2020-5725

low-risk

Published 2020-03-30

The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint. A remote unauthenticated attacker can invoke the login action with a crafted username and, through the use of timing attacks, can discover user passwords.

Do I need to act?

0.39% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.9/10 Medium

NETWORK / HIGH complexity

Affected Products (3)

Ucm6202 Firmware

Ucm6204 Firmware

Ucm6208 Firmware

Affected Vendors

Grandstream

References (4)

http://packetstormsecurity.com/files/156976/Grandstream-UCM6200-Series-WebSocket...

Exploit https://www.tenable.com/security/research/tra-2020-17

http://packetstormsecurity.com/files/156976/Grandstream-UCM6200-Series-WebSocket...

Exploit https://www.tenable.com/security/research/tra-2020-17

/ 100

low-risk

Severity 18/34 · Moderate

Exploitability 1/34 · Minimal

Exposure 9/34 · Low