Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP /cgi-bin/upload_vpntar interface.
CVSS Information
N/A
Vulnerability Type
在文件访问前对链接解析不恰当(链接跟随)
Vulnerability Title
Grandstream GXP1600 后置链接漏洞
Vulnerability Description
Grandstream GXP1600是美国潮流网络(Grandstream)公司的一款IP电话产品。 使用1.0.4.152及之前版本固件的Grandstream GXP1600系列中存在后置链接漏洞。攻击者可通过向/cgi-bin/upload_vpntar界面上传特制的tar文件利用该漏洞执行任意脚本并获取root权限。
CVSS Information
N/A
Vulnerability Type
N/A