THREATOPS
THREAT OPSCVEs › CVE-2020-5722

CVE-2020-5722 — Grandstream Networks UCM6200 Series SQL Injection Vulnerability

CISA KEVExploited: confirmedGrandstream

Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.

Vulnerability details