CVE-2020-5756

Published: Jul 17, 2020

Modified: Aug 4, 2024

PUBLISHED

Description

Grandstream GWN7000 firmware version 1.0.9.4 and below allows authenticated remote users to modify the system's crontab via undocumented API. An attacker can use this functionality to execute arbitrary OS commands on the router.

Vendor	Product	Versions
Tenable	Grandstream GWN7000	affected `Versions 1.0.9.4 and below`

Weaknesses (CWE)

CWE-489

References

https://www.tenable.com/security/research/tra-2020-41

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2020-5756

Description

Affected Products

Weaknesses (CWE)

References