CVE advisoryKnown Exploit
CVE-2020-5722
Grandstream UCM6200 SQL Injection Vulnerability
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
An unauthenticated SQL injection vulnerability in the Grandstream UCM6200 series' HTTP interface allows attackers to execute commands as root. This impacts affected systems by enabling unauthorized control, potentially compromising business operations and data. The risk is high due to the ease of exploitation and the p