Vulnerabilities > Grandstream > Ht801 Firmware

DATE CVE VULNERABILITY TITLE RISK
2021-10-28 CVE-2021-37748 Out-of-bounds Write vulnerability in Grandstream Ht801 Firmware 1.0.17.5
Multiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a crafted manage_if setting, thus bypassing the intended restrictions of this shell and taking full control of the device.
network
low complexity
grandstream CWE-787
8.8
2021-10-28 CVE-2021-37915 Unspecified vulnerability in Grandstream Ht801 Firmware 1.0.17.5/1.0.29
An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8.
network
low complexity
grandstream
8.8
2020-07-29 CVE-2020-5763 Inadequate Encryption Strength vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service.
network
low complexity
grandstream CWE-326
8.8
2020-07-29 CVE-2020-5762 NULL Pointer Dereference vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service.
network
low complexity
grandstream CWE-476
7.5
2020-07-29 CVE-2020-5761 Infinite Loop vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service.
network
low complexity
grandstream CWE-835
7.5
2020-07-29 CVE-2020-5760 OS Command Injection vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability.
local
low complexity
grandstream CWE-78
7.8