Exposures › CVE-2020-5722

CVE-2020-5722

Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2022-01-28
Reference
⚡ RCE ⌖ exploited in the wild shame 65/100 rceexploited-in-wild

Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.

Players implicated

Description

Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.

Affected FedRAMP products 0 in the catalog

No correlated FedRAMP products.