CVE-2020-5739

moderate-risk
Published 2020-04-14

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defined script is executed with root privileges.

Do I need to act?

~
2.5% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
8
CVSS 8.8/10 High
NETWORK / LOW complexity

Affected Products (6)

Gxp1610 Firmware
Gxp1615 Firmware
Gxp1620 Firmware
Gxp1625 Firmware
Gxp1628 Firmware
Gxp1630 Firmware

Affected Vendors

Grandstream

References (2)

Exploit https://www.tenable.com/security/research/tra-2020-22
Exploit https://www.tenable.com/security/research/tra-2020-22
49
/ 100
moderate-risk
Severity 30/34 · Critical
Exploitability 6/34 · Minimal
Exposure 13/34 · Low