Join THREATCON1 in Reston, VA - September 21-22, 2025.
Register for Free
Products
Government
Resources
Community
Company
Partners
Sign In / Join
Sign In
Advisories
Grandstream UCM Series IP PBX HTTP Parameter Injection
Go Back
severity
high
date
April 29, 2024
Affecting
Grandstream UCM Series IP PBX before 1.0.20.52
CVE
CVE-2024-0840
CVE type
Improper Neutralization of Parameter/Argument Delimiters
CVSS
8.8
CVSS V3 Vector
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
References
Release Notes