Cleartext Configuration Dump Vulnerability in Grandstream GXP16xx VoIP 1.0.4.128 Phones

Cleartext Configuration Dump Vulnerability in Grandstream GXP16xx VoIP 1.0.4.128 Phones

CVE-2018-17563 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

A Malformed Input String to /cgi-bin/api-get_line_status on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to dump the device's configuration in cleartext.

Learn more about our Api Penetration Testing.