CVE-2020-5723

EPSS 5.7%CWE-312

The UCM6200 series 1.0.20.22 and below stores unencrypted user passwords in an SQLite database. This could allow an attacker to retrieve all passwords and possibly gain elevated privileges.

Productos afectados

n/a · Grandstream UCM6200 series

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →

Referencias

https://www.tenable.com/security/research/tra-2020-17