CVE-2019-10660

Publication date

2019-03-30 16:43:21

Family

mitre

State

PUBLISHED

Description

Grandstream GXV3611IR_HD before 1.0.3.23 devices allow remote authenticated users to execute arbitrary code via shell metacharacters in the /goform/systemlog?cmd=set logserver field.