PT-2019-11973 · Grandstream · Grandstream Gxv3611Ir Hd

Scarvell

Published

2019-03-30

Updated

2023-03-01

CVE-2019-10660

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Grandstream GXV3611IR HD version 1.0.3.23 and earlier

Description The issue allows remote authenticated users to execute arbitrary code via shell metacharacters in the "/goform/systemlog?cmd=set logserver" field. This is a remote code execution issue that can be exploited by authenticated users.

Recommendations For Grandstream GXV3611IR HD version 1.0.3.23 and earlier, update to version 1.0.3.23 or later to resolve the issue. As a temporary workaround, consider restricting access to the "/goform/systemlog" API endpoint to minimize the risk of exploitation. Avoid using the logserver field in the affected API endpoint until the issue is resolved.

Exploit

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2019-10660

Affected Products

Grandstream Gxv3611Ir Hd

PT-2019-11973 · Grandstream · Grandstream Gxv3611Ir Hd

CVE-2019-10660

Weakness Enumeration

Related Identifiers

Affected Products

References · 4