Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-28172 | 1 Grandstream | 2 Ucm6510, Ucm6510 Firmware | 2025-08-06 | N/A | 6.5 MEDIUM |
| Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force attack. | |||||
| CVE-2025-28171 | 1 Grandstream | 2 Ucm6510, Ucm6510 Firmware | 2025-08-06 | N/A | 6.5 MEDIUM |
| An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi. | |||||