CVE-2026-2329 | THREATINT

Description

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

PUBLISHED Reserved 2026-02-11 | Published 2026-02-18 | Updated 2026-02-18 | Assigner rapid7

CRITICAL: 9.3CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-121 Stack-based Buffer Overflow

Product status

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Default status

unaffected

Any version

affected

Credits

Stephen Fewer, Senior Principal Security Researcher at Rapid7 finder

References

www.rapid7.com/...w-in-grandstream-gxp1600-voip-phones-fixed third-party-advisory

psirt.grandstream.com/ vendor-advisory

firmware.grandstream.com/Release_Note_GXP16xx_1.0.7.81.pdf release-notes

github.com/rapid7/metasploit-framework/pull/20983 exploit

cve.org (CVE-2026-2329)

nvd.nist.gov (CVE-2026-2329)

Download JSON

help @ threatint.eu