CVE-2020-5722
Severity: CRITICAL | CISA KEV | CVSS 9.8
Description
The HTTP interface of the Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via a crafted HTTP request. An attacker can use this vulnerability to execute shell commands as root on versions before 1.0.19.20, or to inject HTML into password recovery emails in versions before 1.0.20.17.
CVE Details
CVSS v3.1 Score: 9.8
Severity: CRITICAL
CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack Vector: NETWORK
Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Published: 3/23/2020
Last Modified: 10/31/2025
Source: kev
Honeypot Sightings: 0
CISA KEV
Vendor: Grandstream
Product: UCM6200
Vulnerability Name: Grandstream Networks UCM6200 Series SQL Injection Vulnerability
KEV Date Added: 2022-01-28
Remediation Due Date: 2022-07-28
Ransomware Use: Unknown
Affected Products
grandstream:ucm6200
grandstream:ucm6200_firmware
Weaknesses (CWE)
CWE-89
References
http://packetstormsecurity.com/files/156876/UCM6202-1.0.18.13-Remote-Command-Injection.html (vulnreport@tenable.com, af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/165708/Grandstream-UCM62xx-IP-PBX-sendPasswordEmail-Remote-Code-Execution.html (vulnreport@tenable.com, af854a3a-2127-422b-91ae-364da2661108)
https://www.tenable.com/security/research/tra-2020-15 (vulnreport@tenable.com, af854a3a-2127-422b-91ae-364da2661108)
https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2020-5722 (134c704f-9b21-4f2e-91b3-4a467353bcc0)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.