Denial of Service Vulnerability in Grandstream HT800 Series Firmware
CVE-2020-5762

7.5HIGH

Key Information:

Vendor: Grandstream
Status: Grandstream Ht800 Series
Vendor: CVE Published:; 29 July 2020

🔔 Create Grandstream Vulnerability Alert

What is CVE-2020-5762?

The Grandstream HT800 series firmware versions 1.0.17.5 and earlier are susceptible to a denial of service condition affecting the TR-069 service. This vulnerability arises from improper handling of the HTTP Authentication field, allowing unauthenticated remote attackers to exploit a NULL pointer dereference, which can lead to the service becoming unresponsive. It is essential to secure devices to mitigate potential disruptions from this vulnerability.

Affected Version(s)

Grandstream HT800 Series Versions 1.0.17.5 and below

References

https://www.tenable.com/security/research/tra-2020-43

x_refsource_MISC

https://www.tenable.com/security/research/tra-2020-47

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2020
Vulnerability Reserved
Jan 6, 2020