Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution

Discussion in 'News Aggregator' started by Packet Storm, 26 Jan 2022.

  1. Packet Storm

    Packet Storm Guest

    This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The vulnerabilities allow an unauthenticated remote attacker to execute commands as root.

    Continue reading...
     
    #1 Packet Storm, 26 Jan 2022
(You must log in or sign up to post here.)

Share This Page

Loading...