Skip to main content

Gxp1630 Firmware

3 CVEs product

Monthly

CVE-2026-2329 CRITICAL POC PATCH THREAT Act Now

Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.

RCE Buffer Overflow Stack Overflow Gxp1628 Firmware Gxp1630 Firmware +4
NVD GitHub
CVSS 3.1
9.8
EPSS
41.1%
Threat
4.7
CVE-2020-5739 HIGH POC This Week

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Gxp1610 Firmware Gxp1615 Firmware Gxp1620 Firmware +3
NVD
CVSS 3.1
8.8
EPSS
5.3%
CVE-2020-5738 HIGH POC This Week

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gxp1610 Firmware Gxp1615 Firmware Gxp1620 Firmware Gxp1625 Firmware +2
NVD
CVSS 3.1
8.8
EPSS
5.4%
EPSS 41% 4.7 CVSS 9.8
CRITICAL POC PATCH THREAT Act Now

Unauthenticated stack-based buffer overflow in /cgi-bin/api.values.get HTTP API endpoint. EPSS 41.1% indicates very high exploitation probability. Patch available.

RCE Buffer Overflow Stack Overflow +6
NVD GitHub
EPSS 5% CVSS 8.8
HIGH POC This Week

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Gxp1610 Firmware +5
NVD
EPSS 5% CVSS 8.8
HIGH POC This Week

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker uploads a specially crafted tar file to the HTTP. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Gxp1610 Firmware Gxp1615 Firmware +4
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy