Vulnerabilities (CVE)

Filtered by vendor Grandstream Subscribe
Filtered by product Gxv3501
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2013-3963 1 Grandstream 11 Gxv3500, Gxv3501, Gxv3504 and 8 more 2024-11-21 6.8 MEDIUM N/A
Cross-site request forgery (CSRF) vulnerability in goform/usermanage in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models allows remote attackers to hijack the authentication of unspecified victims for requests that add users.
CVE-2013-3962 1 Grandstream 11 Gxv3500, Gxv3501, Gxv3504 and 8 more 2024-11-21 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models before firmware 1.0.4.44, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO.
CVE-2013-3542 1 Grandstream 26 Gxv3500, Gxv3500 Firmware, Gxv3501 and 23 more 2024-11-21 10.0 HIGH 10.0 CRITICAL
Grandstream GXV3501, GXV3504, GXV3601, GXV3601HD/LL, GXV3611HD/LL, GXV3615W/P, GXV3651FHD, GXV3662HD, GXV3615WP_HD, GXV3500, and possibly other camera models with firmware 1.0.4.11, have a hardcoded account "!#/" with the same password, which makes it easier for remote attackers to obtain access via a TELNET session.