Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
CVE Vulnerability Details :
CVE-2026-2329
PUBLISHED
More InfoOfficial Page
Assigner-rapid7
Assigner Org ID-9974b330-7714-4307-a722-5648477acda7
View Known Exploited Vulnerability (KEV) details
Published At-18 Feb, 2026 | 14:08
Updated At-18 Feb, 2026 | 14:50
Rejected At-
▼CVE Numbering Authority (CNA)
Grandstream GXP1600 VoIP Phones - Unauthenticated stack buffer overflow

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution (RCE) with root privileges on a target device. The vulnerability affects all six device models in the series: GXP1610, GXP1615, GXP1620, GXP1625, GXP1628, and GXP1630.

Affected Products
Vendor
Grandstream
Product
GXP1610
Default Status
unaffected
Versions
Affected
  • From 0 through 1.0.7.80 (semver)
Vendor
Grandstream
Product
GXP1615
Default Status
unaffected
Versions
Affected
  • From 0 through 1.0.7.80 (semver)
Vendor
Grandstream
Product
GXP1620
Default Status
unaffected
Versions
Affected
  • From 0 through 1.0.7.80 (semver)
Vendor
Grandstream
Product
GXP1625
Default Status
unaffected
Versions
Affected
  • From 0 through 1.0.7.80 (semver)
Vendor
Grandstream
Product
GXP1628
Default Status
unaffected
Versions
Affected
  • From 0 through 1.0.7.80 (semver)
Vendor
Grandstream
Product
GXP1630
Default Status
unaffected
Versions
Affected
  • From 0 through 1.0.7.80 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-121CWE-121 Stack-based Buffer Overflow
Type: CWE
CWE ID: CWE-121
Description: CWE-121 Stack-based Buffer Overflow
Metrics
VersionBase scoreBase severityVector
4.09.3CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 4.0
Base score: 9.3
Base severity: CRITICAL
Vector:
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Stephen Fewer, Senior Principal Security Researcher at Rapid7
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed
third-party-advisory
https://psirt.grandstream.com/
vendor-advisory
https://firmware.grandstream.com/Release_Note_GXP16xx_1.0.7.81.pdf
release-notes
https://github.com/rapid7/metasploit-framework/pull/20983
exploit
Hyperlink: https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed
Resource:
third-party-advisory
Hyperlink: https://psirt.grandstream.com/
Resource:
vendor-advisory
Hyperlink: https://firmware.grandstream.com/Release_Note_GXP16xx_1.0.7.81.pdf
Resource:
release-notes
Hyperlink: https://github.com/rapid7/metasploit-framework/pull/20983
Resource:
exploit
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Details not found