Gxp1628 Firmware
CVE-2026-2329
CRITICAL
Severity by source
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3DescriptionCVE.org
An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.
AnalysisAI
Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.
Technical ContextAI
CWE-121 unauthenticated stack overflow in CGI-based HTTP API. The api.values.get endpoint processes requests without bounds checking.
RemediationAI
Apply firmware patch immediately given 41% EPSS score. Restrict HTTP API access.
More in Gxp1628 Firmware
View allGrandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an
Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an
Information disclosure in the Grandstream GXP1628 IP phone (firmware 1.0.4.130 and earlier) exposes sensitive directorie
Same weakness CWE-121 – Stack-based Buffer Overflow
View allShare
External POC / Exploit Code
Leaving vuln.today