Cybersecurity Alerts

Grandstream Networks UCM6200 Series SQL Injection Vulnerability

Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.

Required Action

Apply updates per vendor instructions.

Weakness Classification

CWE-89

References

• https://nvd.nist.gov/vuln/detail/CVE-2020-5722