An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi.
Metrics
Affected Vendors & Products
References
History
Wed, 06 Aug 2025 21:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Grandstream
Grandstream ucm6510 Grandstream ucm6510 Firmware |
|
CPEs | cpe:2.3:h:grandstream:ucm6510:-:*:*:*:*:*:*:* cpe:2.3:o:grandstream:ucm6510_firmware:*:*:*:*:*:*:*:* |
|
Vendors & Products |
Grandstream
Grandstream ucm6510 Grandstream ucm6510 Firmware |
Tue, 29 Jul 2025 19:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Weaknesses | CWE-922 | |
Metrics |
cvssV3_1
|
Tue, 29 Jul 2025 15:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi. | |
References |
|

Status: PUBLISHED
Assigner: mitre
Published: 2025-07-29T00:00:00.000Z
Updated: 2025-07-29T18:27:11.802Z
Reserved: 2025-03-11T00:00:00.000Z
Link: CVE-2025-28171

Updated: 2025-07-29T18:27:05.245Z

Status : Analyzed
Published: 2025-07-29T16:15:24.287
Modified: 2025-08-06T20:48:13.240
Link: CVE-2025-28171

No data.