Backdoor Vulnerability in Grandstream HT800 Series SSH Service
CVE-2020-5763

8.8HIGH

Key Information:

Vendor: Grandstream
Status: Grandstream Ht800 Series
Vendor: CVE Published:; 29 July 2020

🔔 Create Grandstream Vulnerability Alert

What is CVE-2020-5763?

The Grandstream HT800 series firmware versions up to 1.0.17.5 contains a critical backdoor in the SSH service. This vulnerability allows an authenticated remote attacker to gain unauthorized root access by successfully responding to a challenge prompt, potentially compromising the entire system. Users are advised to upgrade to patched firmware to mitigate the risks associated with this security flaw.

Affected Version(s)

Grandstream HT800 Series Versions 1.0.17.5 and below

References

https://www.tenable.com/security/research/tra-2020-43

x_refsource_MISC

https://www.tenable.com/security/research/tra-2020-47

x_refsource_MISC

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2020
Vulnerability Reserved
Jan 6, 2020