GCVE - cpe:2.3:h:grandstream:ht812:-:*:*:*:*:*:*:*

Approved changes feed: RSS · Atom

cpe:2.3:h:grandstream:ht812:-:*:*:*:*:*:*:*

part: h version: - update: *

Vendor	Grandstream (`fb3509d2-60fb-591c-98b3-ccf7c0d07861`)
Product	Ht812 (`0dc28dff-f7d0-5976-b1b0-be448c7b03a2`)
Edition	*
Language	*
Software edition	*
Target software	*
Target hardware	*
Other	*
Notes	Imported from NVD CPE 2.0 feed

PURL mappings

PURL	Source	Last updated
No PURL mappings for this CPE yet.

Vulnerability references

Identifier	cpeApplicability	Submitted	db.gcve.eu details	Rationale
`CVE:CVE-2020-5763`	not_vulnerable	2026-06-03 14:42:57.263942	Details available Grandstream HT800 series firmware version 1.0.17.5 and below contain a backdoor in the SSH service. An authenticated remote attacker can obtain a root shell by correctly answering a challenge prompt. Published: 2020-07-29T18:51:50.000Z Updated: 2024-08-04T08:39:25.821Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2020-43 https://www.tenable.com/security/research/tra-2020-47	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-5762`	not_vulnerable	2026-06-03 14:42:57.263348	Details available Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to a denial of service attack against the TR-069 service. An unauthenticated remote attacker can stop the service due to a NULL pointer dereference in the TR-069 service. This condition is triggered due to mishandling of the HTTP Authentication field. Published: 2020-07-29T18:51:47.000Z Updated: 2024-08-04T08:39:25.894Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2020-43 https://www.tenable.com/security/research/tra-2020-47	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-5761`	not_vulnerable	2026-06-03 14:42:57.262701	Details available Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to CPU exhaustion due to an infinite loop in the TR-069 service. Unauthenticated remote attackers can trigger this case by sending a one character TCP message to the TR-069 service. Published: 2020-07-29T18:51:43.000Z Updated: 2024-08-04T08:39:25.699Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2020-43 https://www.tenable.com/security/research/tra-2020-47	Imported from gcve-enriched-dumps CVE data
`CVE:CVE-2020-5760`	not_vulnerable	2026-06-03 14:42:57.257542	Details available Grandstream HT800 series firmware version 1.0.17.5 and below is vulnerable to an OS command injection vulnerability. Unauthenticated remote attackers can execute arbitrary commands as root by crafting a special configuration file and sending a crafted SIP message. Published: 2020-07-29T18:51:40.000Z Updated: 2024-08-04T08:39:25.853Z Open on db.gcve.eu Reference links https://www.tenable.com/security/research/tra-2020-43 https://www.tenable.com/security/research/tra-2020-47	Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.