Sign-up

ID

VAR-202004-2006


CVE

CVE-2020-5739


TITLE

Grandstream GXP1600 code injection vulnerability

Trust: 1.2

sources: CNVD: CNVD-2020-25973 // CNNVD: CNNVD-202004-903

DESCRIPTION

Grandstream GXP1600 series firmware 1.0.4.152 and below is vulnerable to authenticated remote command execution when an attacker adds an OpenVPN up script to the phone's VPN settings via the "Additional Settings" field in the web interface. When the VPN's connection is established, the user defined script is executed with root privileges. Grandstream GXP1600 A code injection vulnerability exists in the series firmware.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be put into a state. Grandstream GXP1600 is an IP telephony product from American company Grandstream. An attacker can use the ‘Additional Settings’ field to exploit this vulnerability to add any OpenVPN configuration settings to the configuration file and execute code with root privileges

Trust: 2.16

sources: NVD: CVE-2020-5739 // JVNDB: JVNDB-2020-003968 // CNVD: CNVD-2020-25973

IOT TAXONOMY

category:['Network device']sub_category: -

Trust: 0.6

sources: CNVD: CNVD-2020-25973

AFFECTED PRODUCTS

vendor:grandstreammodel:gxp1630scope:lteversion:1.0.4.152

Trust: 1.0

vendor:grandstreammodel:gxp1620scope:lteversion:1.0.4.152

Trust: 1.0

vendor:grandstreammodel:gxp1625scope:lteversion:1.0.4.152

Trust: 1.0

vendor:grandstreammodel:gxp1628scope:lteversion:1.0.4.152

Trust: 1.0

vendor:grandstreammodel:gxp1615scope:lteversion:1.0.4.152

Trust: 1.0

vendor:grandstreammodel:gxp1610scope:lteversion:1.0.4.152

Trust: 1.0

vendor:grandstreammodel:gxp1610scope:eqversion:1.0.4.152

Trust: 0.8

vendor:grandstreammodel:gxp1615scope:eqversion:1.0.4.152

Trust: 0.8

vendor:grandstreammodel:gxp1620scope:eqversion:1.0.4.152

Trust: 0.8

vendor:grandstreammodel:gxp1625scope:eqversion:1.0.4.152

Trust: 0.8

vendor:grandstreammodel:gxp1628scope:eqversion:1.0.4.152

Trust: 0.8

vendor:grandstreammodel:gxp1630scope:eqversion:1.0.4.152

Trust: 0.8

vendor:grandstreammodel:gxp1600scope:lteversion:<=1.0.4.152

Trust: 0.6

sources: CNVD: CNVD-2020-25973 // JVNDB: JVNDB-2020-003968 // NVD: CVE-2020-5739

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2020-5739
value: HIGH

Trust: 1.0

NVD: JVNDB-2020-003968
value: HIGH

Trust: 0.8

CNVD: CNVD-2020-25973
value: HIGH

Trust: 0.6

CNNVD: CNNVD-202004-903
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2020-5739
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2020-003968
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

CNVD: CNVD-2020-25973
severity: HIGH
baseScore: 9.0
vectorString: AV:N/AC:L/AU:S/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.0
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.6

nvd@nist.gov: CVE-2020-5739
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: JVNDB-2020-003968
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: CNVD: CNVD-2020-25973 // JVNDB: JVNDB-2020-003968 // CNNVD: CNNVD-202004-903 // NVD: CVE-2020-5739

PROBLEMTYPE DATA

problemtype:CWE-94

Trust: 1.8

sources: JVNDB: JVNDB-2020-003968 // NVD: CVE-2020-5739

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-202004-903

TYPE

code injection

Trust: 0.6

sources: CNNVD: CNNVD-202004-903

CONFIGURATIONS

sources:
            
            
            JVNDB: JVNDB-2020-003968

PATCH
title:Top Pageurl:http://www.grandstream.com/
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-003968

EXTERNAL IDS
db:NVDid:CVE-2020-5739
Trust: 3.0
db:TENABLEid:TRA-2020-22
Trust: 2.4
db:JVNDBid:JVNDB-2020-003968
Trust: 0.8
db:CNVDid:CNVD-2020-25973
Trust: 0.6
db:CNNVDid:CNNVD-202004-903
Trust: 0.6
sources:
            
            
            CNVD: CNVD-2020-25973 // 
            
            
            
            JVNDB: JVNDB-2020-003968 // 
            
            
            
            CNNVD: CNNVD-202004-903 // 
            
            
            
            NVD: CVE-2020-5739

REFERENCES
url:https://www.tenable.com/security/research/tra-2020-22
Trust: 2.4
url:https://nvd.nist.gov/vuln/detail/cve-2020-5739
Trust: 1.4
url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2020-5739
Trust: 0.8
sources:
            
            
            JVNDB: JVNDB-2020-003968 // 
            
            
            
            CNNVD: CNNVD-202004-903 // 
            
            
            
            NVD: CVE-2020-5739

SOURCES
db:CNVDid:CNVD-2020-25973
db:JVNDBid:JVNDB-2020-003968
db:CNNVDid:CNNVD-202004-903
db:NVDid:CVE-2020-5739

LAST UPDATE DATE
2024-11-23T22:11:29.711000+00:00

SOURCES UPDATE DATE
db:CNVDid:CNVD-2020-25973date:2020-04-30T00:00:00
db:JVNDBid:JVNDB-2020-003968date:2020-04-30T00:00:00
db:CNNVDid:CNNVD-202004-903date:2021-07-13T00:00:00
db:NVDid:CVE-2020-5739date:2024-11-21T05:34:30.837

SOURCES RELEASE DATE
db:CNVDid:CNVD-2020-25973date:2020-04-30T00:00:00
db:JVNDBid:JVNDB-2020-003968date:2020-04-30T00:00:00
db:CNNVDid:CNNVD-202004-903date:2020-04-14T00:00:00
db:NVDid:CVE-2020-5739date:2020-04-14T14:15:12.007