Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2016-1518

EPSS 0.85% · P75
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2016-1518

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
The auto-provisioning mechanism in the Grandstream Wave app 1.0.1.26 and earlier for Android and Grandstream Video IP phones allows man-in-the-middle attackers to spoof provisioning data and consequently modify device functionality, obtain sensitive information from system logs, and have unspecified other impact by leveraging failure to use an HTTPS session for downloading configuration files from http://fm.grandstream.com/gs/.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Grandstream Video IP电话和Grandstream Wave app for Android 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Grandstream Wave app for Android和Grandstream Video IP phones都是美国潮流网络(Grandstream )公司的产品。前者是一套用于Android系统免费的网络电话应用程序;后者是一款IP视频电话。auto-provisioning mechanism是用于其中的一种自动配置机制。 Grandstream Video IP电话和基于Android平台的Grandstream Wave app 1.0.1.26及之前的版本的auto-provisio
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2016-1518

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2016-1518

登录查看更多情报信息。

Same Patch Batch · n/a · 2017-04-21 · 47 CVEs total

CVE-2016-1194Cybozu Garoon 安全漏洞
CVE-2016-4832AEON WAON ‘Service Application’ for Android 安全漏洞
CVE-2016-4841Cybozu Mailwise 安全漏洞
CVE-2016-4075Opera Mini和Opera Stable 安全漏洞
CVE-2017-7220OpenText Documentum Content Server 输入验证错误漏洞
CVE-2017-7409Palo Alto Networks PAN-OS 跨站脚本漏洞
CVE-2017-7951WonderCMS 跨站请求伪造漏洞
CVE-2017-7990Reporting Module for OpenMRS 跨站请求伪造漏洞
CVE-2017-7992Heartland Payment Systems heartland-php 跨站脚本漏洞
CVE-2016-4829DMM Movie Player App 安全漏洞
CVE-2016-4830Yanko Hernandez Garcia Sushiro App for iOS和for Android 安全漏洞
CVE-2016-1184Tokyo Star bank App for Android和iOS 安全漏洞
CVE-2016-1148Akerun-Smart Lock Robot App for iOS 安全漏洞
CVE-2016-0833Android 安全漏洞
CVE-2016-6519OpenStack Horizon 跨站脚本漏洞
CVE-2016-1557多款Netgear产品安全漏洞
CVE-2016-1556多款Netgear产品信息泄露漏洞
CVE-2016-1555多款Netgear产品安全漏洞
CVE-2016-10091unrtf 缓冲区错误漏洞
CVE-2016-0721PCS 授权问题漏洞

Showing top 20 of 47 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2016-1518

No comments yet

Leave a comment