Grandstream GXV31XX settimezone Unauthenticated Command Execution
Posted by deepcore on February 10, 2022 – 2:41 pm
This Metasploit module exploits a command injection vulnerability in Grandstream GXV31XX IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream models: GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19; and GXV3140 hardware revision V0.4B with firmware version 1.0.1.27.
Post a reply
You must be logged in to post a comment.