Submit #698650: Grandstream GXP1625 1.0.7.4 xssinfo

Title: Grandstream GXP1625 1.0.7.4 xss
Description: A normal user can update a system variable to inject an XSS payload into the network status info. It happens because the endpoint '/cgi-bin/api.values.post' can update system variables. A normal user can then call the endpoint to update vpn_ip, and the value will be stored in the system. Every visit to the network status page can trigger the XSS vulnerability. One use is to steal the admin's cookie for further action. Report: https://drive.google.com/file/d/1rsskCaj4TwiaGG9_VYabjnKMP_zAry7L/view?usp=sharing pwd: YyF2mcRcCLR123MX24
Source: https://drive.google.com/file/d/1rsskCaj4TwiaGG9_VYabjnKMP_zAry7L/view?usp=sharing
User: cccll (UID 92824)
Submission: 11/20/2025 15:11 (5 months ago)
Moderation: 12/06/2025 15:01 (16 days later)
Status: Accepted
VulDB entry: 334606 [Grandstream GXP1625 1.0.7.4 Network Status Page /cgi-bin/api.values.post vpn_ip cross site scripting]
Points: 20
