Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2017-04-21	CVE-2016-1519	Improper Certificate Validation vulnerability in Grandstream Wave 1.0.1.26 The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and earlier for Android does not properly validate SSL certificates, which allows man-in-the-middle attackers to spoof the Grandstream provisioning server via a crafted certificate. network high complexity grandstream CWE-295	5.9