PT-2025-31221 · Grandstream Networks · Gxp1628

Exek1El

·

Publicado

2025-07-29

·

Atualizado

2025-08-03

·

CVE-2025-28170

CVSS v3.1

7.6

Alta

VetorAV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Name of the Vulnerable Software and Affected Versions Grandstream Networks GXP1628 versions 1.0.4.130 and earlier
Description The Grandstream Networks GXP1628 device is susceptible to incorrect access control due to directory listing being enabled. This allows unauthorized access to sensitive directories and files.
Recommendations Disable directory listing on Grandstream Networks GXP1628 versions 1.0.4.130 and earlier.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-548

Identificadores relacionados

CVE-2025-28170

Produtos afetados

Gxp1628