Vulnerability Description
An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a result, after a reboot, the device downloads and executes malicious scripts from an attacker-defined host.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Grandstream | Ht801 Firmware | < 1.0.29.8 |
| Grandstream | Ht801 | - |
References
- http://firmware.grandstream.com/BETA/Release_Note_HT80x_1.0.29.8.pdfBroken Link
- http://www.grandstream.com/products/gateways-and-atas/analog-telephone-adaptors/ProductVendor Advisory
- https://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cvExploitThird Party Advisory
- http://firmware.grandstream.com/BETA/Release_Note_HT80x_1.0.29.8.pdfBroken Link
- http://www.grandstream.com/products/gateways-and-atas/analog-telephone-adaptors/ProductVendor Advisory
- https://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cvExploitThird Party Advisory
FAQ
What is CVE-2021-37915?
CVE-2021-37915 is a vulnerability with a CVSS score of 8.8 (HIGH). An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a res...
How severe is CVE-2021-37915?
CVE-2021-37915 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2021-37915?
Check the references section above for vendor advisories and patch information. Affected products include: Grandstream Ht801 Firmware, Grandstream Ht801.