CVE-2020-5722: Grandstream Networks UCM6200 Series SQL Injection
Grandstream Networks UCM6200 Series SQL Injection Vulnerability. Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.
- CISA KEV-listed (remediation due 2022-07-28)
- EPSS 92.7% (99.8% percentile)