CVE-2018-17563

CVE-2018-17563

EPSS 0.7%

A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://grandstream.com/support/firmware https://iridiumxor.wordpress.com/2019/01/03/three-simple-cves-for-a-good-voip-phone/