Vulnerabilities > Grandstream > Ucm6204 Firmware > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-03-30 CVE-2020-5725 SQL Injection vulnerability in Grandstream products
The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the HTTP server's websockify endpoint.
network
high complexity
grandstream CWE-89
5.9