PT-2020-18684 · Grandstream · Grandstream Ht800

Bignerd95

Published

2020-07-29

Updated

2020-07-31

CVE-2020-5763

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Grandstream HT800 series firmware version 1.0.17.5 and below

Description The issue concerns a backdoor in the SSH service, allowing an authenticated remote attacker to obtain a root shell by correctly answering a challenge prompt.

Recommendations For Grandstream HT800 series firmware version 1.0.17.5 and below, update to a version above 1.0.17.5 to remove the backdoor from the SSH service.

Exploit

Fix

Inadequate Encryption Strength

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-489CWE-326

Related Identifiers

CVE-2020-5763

Affected Products

Grandstream Ht800

PT-2020-18684 · Grandstream · Grandstream Ht800

CVE-2020-5763

Weakness Enumeration

Related Identifiers

Affected Products

References · 4