Unrated severityNVD Advisory· Published Jul 29, 2025· Updated Jul 29, 2025

CVE-2025-28171

Description

An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi.

Affected products

Grandstream/UCM6510description
Grandstream/UCM6510llm-fuzzy
Range: <=1.0.20.52

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

grandstream.commitre
ucm65xx.commitre
gist.github.com/Exek1el/a1fe4288f0df0a47068d618579c6b647mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000