what you don't know can hurt you

Register | Login

FilesNewsUsersAuthors

Home Files News &[SERVICES_TAB]About Contact Add New

Showing 1 - 2 of 2

Files from alhazred

Grandstream GXV31XX settimezone Unauthenticated Command Execution

Posted Feb 9, 2022

Authored by Brendan Coles, alhazred, Brendan Scarvell | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Grandstream GXV31XX IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream models: GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19; and GXV3140 hardware revision V0.4B with firmware version 1.0.1.27.

tags | exploit, overflow, arbitrary

advisories | CVE-2019-10655

SHA-256 | cc41409b8e7ba0962a39d75e4cae7e60ab281dbc2db437a377040c160691840b

Download | Favorite | View

Grandstream GXV3175 Unauthenticated Command Execution

Posted Jan 20, 2022

Authored by Brendan Coles, alhazred, Brendan Scarvell | Site metasploit.com

This Metasploit module exploits a command injection vulnerability in Grandstream GXV3175 IP multimedia phones. The settimezone action does not validate input in the timezone parameter allowing injection of arbitrary commands. A buffer overflow in the phonecookie cookie parsing allows authentication to be bypassed by providing an alphanumeric cookie 93 characters in length. This module was tested successfully on Grandstream GXV3175v2 hardware revision V2.6A with firmware version 1.0.1.19.

tags | exploit, overflow, arbitrary

advisories | CVE-2019-10655

SHA-256 | d0fc19a40c910116b96508ffd011c4004a203947a4105f88adf98dfcb129e127

Download | Favorite | View