Improper Authentication Management in Grandstream Networks UCM6510
CVE-2025-28172

6.5MEDIUM

Key Information:

Vendor: Grandstream Networks
Status: UCM6510
Vendor: CVE Published:; 29 July 2025

🔔 Create Grandstream Networks Vulnerability Alert

What is CVE-2025-28172?

The Grandstream Networks UCM6510 is vulnerable to a flaw that allows attackers to make an excessive number of authentication attempts. This improper handling can result in brute force attacks where an attacker can eventually access user accounts by systematically trying different password combinations. Users of affected versions need to implement additional security measures to safeguard their systems against potential unauthorized access.

References

http://grandstream.com

https://gist.github.com/Exek1el/6291185a87c98d4229181212b...

CVSS V3.1

Score:

6.5

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 29, 2025
Vulnerability Reserved
Mar 11, 2025