CVE-2020-5739
Last modified
CVE-2020-5739 is a high-severity vulnerability rated 8.8/10 on the CVSS scale. Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defined script is executed with root privileges.. EPSS estimates a 5.34% chance of exploitation in the next 30 days.
Description
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defined script is executed with root privileges.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Grandstream | Gxp1610 Firmware | <= 1.0.4.152 |
| Grandstream | Gxp1615 Firmware | <= 1.0.4.152 |
| Grandstream | Gxp1620 Firmware | <= 1.0.4.152 |
| Grandstream | Gxp1625 Firmware | <= 1.0.4.152 |
| Grandstream | Gxp1628 Firmware | <= 1.0.4.152 |
| Grandstream | Gxp1630 Firmware | <= 1.0.4.152 |
References
- https://www.tenable.com/security/research/tra-2020-22Exploit, Vendor Advisory
- https://www.tenable.com/security/research/tra-2020-22Exploit, Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2020-5739?
How severe is CVE-2020-5739?
How do I fix CVE-2020-5739?
Are you affected by CVE-2020-5739?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST