
Bugs in Grandstream Gear Lay Open SMBs to Range of Attacks - pentestercrab
https://threatpost.com/grandstream-bugs-smbs-attacks/143141/
======
pentestercrab
The original advisory can be found here[0] and a Github repository with PoCs
here[1].

[0] [https://www.trustwave.com/en-us/resources/security-
resources...](https://www.trustwave.com/en-us/resources/security-
resources/security-advisories/?fid=23920)

[1]
[https://github.com/scarvell/grandstream_exploits](https://github.com/scarvell/grandstream_exploits)

~~~
metildaa
Grandstream doesn't care about security, they went over a year with a broken
TLS reg stack on the DP750/DP720, and slightly under a year with the same
exact issue on the HT802.

I'd be curious to see an audit of the DP750...

