How severe is CVE-2025-28170?

CVE-2025-28170 has a CVSS v3 score of 7.6 (HIGH).

CVE-2025-28170

Name: gxp1628
Author: grandstream

7.6HIGH

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and f

Publicado: 7/29/2025Atualizado: 8/6/2025

Descrição

Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files.

Análise IADesenvolvido por IA

Produtos Afetados

grandstreamgxp1628_firmware

grandstreamgxp1628

Referências

http://grandstream.com
Product
https://gist.github.com/Exek1el/928ea6fd06d3b48c1c91cfdc30317d8d
ExploitThird Party Advisory