Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2025-28171

An issue in Grandstream UCM6510 v.1.0.20.52 and before allows a remote attacker to obtain sensitive information via the Login function at /cgi and /webrtccgi.

Published: Jul 29, 2025
Updated: Jul 30, 2025
CVE: CVE-2025-28171
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
grandstream / ucm6510_firmware	-	1.0.20.52.x

http://grandstream.com
http://ucm65xx.com
https://gist.github.com/Exek1el/a1fe4288f0df0a47068d618579c6b647

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo