Vulnerabilities > Grandstream > Wp820 Firmware

DATE CVE VULNERABILITY TITLE RISK
2019-03-30 CVE-2019-10659 OS Command Injection vulnerability in Grandstream Gxv3370 Firmware and Wp820 Firmware
Grandstream GXV3370 before 1.0.1.41 and WP820 before 1.0.3.6 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in a /manager?action=getlogcat priority field.
network
low complexity
grandstream CWE-78
8.8