Grandstream UCM Series IP PBX HTTP Parameter Injection | VulnCheck Advisories

Go back

Grandstream UCM Series IP PBX HTTP Parameter Injection

severity: high
date: April 29, 2024
Affecting: Grandstream UCM Series IP PBX before 1.0.20.52
CVE: CVE-2024-0840
CVE type: Improper Neutralization of Parameter/Argument Delimiters
CVSS: 8.8
CVSS V3 Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References: Release Notes