CVE-2025-28171 | THREATINT

Description

An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi.

PUBLISHED Reserved 2025-03-11 | Published 2025-07-29 | Updated 2025-07-29 | Assigner mitre

References

grandstream.com

ucm65xx.com

gist.github.com/Exek1el/a1fe4288f0df0a47068d618579c6b647

cve.org (CVE-2025-28171)

nvd.nist.gov (CVE-2025-28171)

Download JSON