Authenticated Remote Command Execution Vulnerability in Grandstream GXP1600 Series
CVE-2020-5738

8.8HIGH

Key Information:

Vendor: Grandstream
Status: Grandstream Gxp1600 Series
Vendor: CVE Published:; 14 April 2020

🔔 Create Grandstream Vulnerability Alert

What is CVE-2020-5738?

The GXP1600 series from Grandstream contains a vulnerability that permits authenticated remote command execution. By taking advantage of the HTTP /cgi-bin/upload_vpntar interface, an attacker can upload a specially crafted tar file. This poses significant security risks, as it may allow unauthorized administrative control over the device, potentially leading to extensive data breaches and service interruptions.

Affected Version(s)

Grandstream GXP1600 Series 1.0.4.152 and below

References

https://www.tenable.com/security/research/tra-2020-22

x_refsource_MISC

EPSS Score

5% chance of being exploited in the next 30 days.

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 14, 2020
Vulnerability Reserved
Jan 6, 2020