GXV3611IR_HD
by Grandstream
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-2866 | 0.03 | — | 0.02 | Jul 8, 2015 | SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9 beta allows remote attackers to execute arbitrary SQL commands by attempting to establish a TELNET session with a crafted username. | |||
| CVE-2019-10661 | 0.00 | — | 0.02 | Mar 30, 2019 | On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account lacks a password. | |||
| CVE-2019-10660 | 0.00 | — | 0.03 | Mar 30, 2019 | Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field. |
- CVE-2015-2866Jul 8, 2015risk 0.03cvss —epss 0.02
SQL injection vulnerability on the Grandstream GXV3611_HD camera with firmware before 1.0.3.9 beta allows remote attackers to execute arbitrary SQL commands by attempting to establish a TELNET session with a crafted username.
- CVE-2019-10661Mar 30, 2019risk 0.00cvss —epss 0.02
On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account lacks a password.
- CVE-2019-10660Mar 30, 2019risk 0.00cvss —epss 0.03
Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field.