CVE-2020-5761 - Grandstream Ht812 Firmware, Grandstream Ht814 Firmware and Grandstream Ht801 Firmware

July 29, 2020

Critical 7.5

Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service.

Affected software

Grandstream Ht812 Firmware

Grandstream Ht814 Firmware

Grandstream Ht801 Firmware

Grandstream Ht802 Firmware

Grandstream Ht813 Firmware

Grandstream Ht818 Firmware

Reference links

https://www.tenable.com/security/research/tra-2020-43
https://www.tenable.com/security/research/tra-2020-47

CVE-2020-5761 - Grandstream Ht812 Firmware, Grandstream Ht814 Firmware and Grandstream Ht801 Firmware

Affected software

Reference links

Get alerted to vulnerabilities in your software