PT-2025-31221 · Grandstream Networks · Gxp1628
Exek1El
·
Published
2025-07-29
·
Updated
2025-07-29
·
CVE-2025-28170
CVSS v3.1
7.6
| Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Fix
Weakness Enumeration
Related Identifiers
Affected Products
Gxp1628
Exek1El
·
Published
2025-07-29
·
Updated
2025-07-29
·
CVE-2025-28170
7.6
High
| Base vector | Vector | AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
Name of the Vulnerable Software and Affected Versions:
Grandstream Networks GXP1628 versions 1.0.4.130 and earlier
Description:
The Grandstream Networks GXP1628 device is susceptible to incorrect access control due to directory listing being enabled. This allows unauthorized access to sensitive directories and files.
Recommendations:
Disable directory listing on Grandstream Networks GXP1628 versions 1.0.4.130 and earlier.
Fix