CVE-2020-5760

Name of the Vulnerable Software and Affected Versions Grandstream HT800 series firmware version 1.0.17.5 and below

Description The issue allows unauthenticated remote attackers to execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message. This is due to an OS command injection vulnerability.

Recommendations For Grandstream HT800 series firmware version 1.0.17.5 and below, update to a version above 1.0.17.5 to resolve the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.