Vulnerabilities > Grandstream > Ht801 Firmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2021-10-28 CVE-2021-37915 Unspecified vulnerability in Grandstream Ht801 Firmware 1.0.17.5
An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8.
network
low complexity
grandstream
critical
9.0
2021-10-28 CVE-2021-37748 Out-of-bounds Write vulnerability in Grandstream Ht801 Firmware 1.0.17.5
Multiple buffer overflows in the limited configuration shell (/sbin/gs_config) on Grandstream HT801 devices before 1.0.29 allow remote authenticated users to execute arbitrary code as root via a crafted manage_if setting, thus bypassing the intended restrictions of this shell and taking full control of the device.
network
low complexity
grandstream CWE-787
critical
9.0
2020-07-29 CVE-2020-5760 OS Command Injection vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability.
network
grandstream CWE-78
critical
9.3
2020-07-29 CVE-2020-5763 Inadequate Encryption Strength vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service.
network
low complexity
grandstream CWE-326
critical
9.0