Vulnerabilities > Grandstream > Ht802 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-07-29 CVE-2020-5762 NULL Pointer Dereference vulnerability in Grandstream products
Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service.
network
low complexity
grandstream CWE-476
5.0
2017-11-06 CVE-2017-16565 Cross-Site Request Forgery (CSRF) vulnerability in Grandstream Ht802 Firmware
Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests.
6.8
2017-11-06 CVE-2017-16563 Cross-Site Request Forgery (CSRF) vulnerability in Grandstream Ht802 Firmware
Cross-Site Request Forgery (CSRF) in the Basic Settings screen on Vonage (Grandstream) HT802 devices allows attackers to modify settings, related to cgi-bin/update.
6.0