High
CVSS 7.6
Overview
Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files.
CVE-2025-28170
Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Contr...
Risk analysis
This vulnerability is rated 🟠 HIGH.
- CVSS: 7.6 (HIGH)
- Detected tags: misconfiguration, unauth_access (tag impact: HIGH)
Recommended actions:
- Enforce authentication/authorization; reduce default endpoint exposure.