CSRF Vulnerability in Vonage (Grandstream) HT802 Devices Allows Unauthorized Access

CSRF Vulnerability in Vonage (Grandstream) HT802 Devices Allows Unauthorized Access

CVE-2017-16565 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Cross-Site Request Forgery (CSRF) in /cgi-bin/login on Vonage (Grandstream) HT802 devices allows attackers to authenticate a user via the login screen using the default password of 123 and submit arbitrary requests.

Learn more about our User Device Pen Test.