CVE-2020-5722 — Actively Exploited: UCM6200 (Grandstream)
Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root.
| CVE ID | CVE-2020-5722 |
|---|---|
| Vendor | Grandstream |
| Product | UCM6200 |
| Vulnerability name | Grandstream Networks UCM6200 Series SQL Injection Vulnerability |
| Date added | 2022-01-28 |
| Remediation due | 2022-07-28 |
| Known ransomware use | Unknown |
| Required action | Apply updates per vendor instructions. |
| Description | Grandstream UCM6200 series is vulnerable to an unauthenticated remote SQL injection via crafted HTTP request. Exploitation can allow for code execution as root. |
| Source | CISA Known Exploited Vulnerabilities |
🔍 Search all exploited vulnerabilities →
$1499/mo
Try ExploitWatch →