CVE-2025-28172

Medium CVSS: 6.5

Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force attack.

Vendor

Grandstream

Product

Ucm6510 Firmware

CWE

CWE-307

Yayın Tarihi

2025-07-29 15:15:34

Güncelleme

2025-08-06 20:53:49

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-307 Ucm6510 Firmware MEDIUM Grandstream 2025

Referanslar

http://grandstream.com https://gist.github.com/Exek1el/6291185a87c98d4229181212b2bd5cdf

Benzer Kayıtlar

Critical

CVE-2026-2329

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A…

High

CVE-2025-28170

Grandstream Networks GXP1628

Medium

CVE-2025-28171

An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the…