Vulnerability Database

300,830

Total vulnerabilities in the database

CVE-2025-28172

Grandstream Networks UCM6510 v1.0.20.52 and before is vulnerable to Improper Restriction of Excessive Authentication Attempts. An attacker can perform an arbitrary number of authentication attempts using different passwords and eventually gain access to the targeted account using a brute force attack.

Published: Jul 29, 2025
Updated: Jul 30, 2025
CVE: CVE-2025-28172
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
grandstream / ucm6510_firmware	-	1.0.20.52.x

http://grandstream.com
https://gist.github.com/Exek1el/6291185a87c98d4229181212b2bd5cdf

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo