How severe is CVE-2025-28170?

CVE-2025-28170 has a CVSS v3 score of 7.6 (HIGH).

CVE-2025-28170

Name: gxp1628
Author: grandstream

7.6HIGH

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and f

Published: 7/29/2025Updated: 8/6/2025

Description

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files.

AI AnalysisPowered by AI

Affected Products

grandstreamgxp1628_firmware

grandstreamgxp1628

References

http://grandstream.com
Product
https://gist.github.com/Exek1el/928ea6fd06d3b48c1c91cfdc30317d8d
ExploitThird Party Advisory