Vulnerabilities > Grandstream > Gxp1620
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-04-01 | CVE-2018-17565 | OS Command Injection vulnerability in Grandstream products Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to execute arbitrary system commands and gain a root shell. | 10.0 |
| 2019-04-01 | CVE-2018-17564 | Unspecified vulnerability in Grandstream products A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device. | 7.5 |
| 2019-04-01 | CVE-2018-17563 | Missing Encryption of Sensitive Data vulnerability in Grandstream products A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext. | 5.0 |