CVE-2007-4498

Grandstream SIP Phone GXV-3000 <1.0.1.7 - SSRF

Title source: llm

Description

The Grandstream SIP Phone GXV-3000 with firmware 1.0.1.7, Loader 1.0.0.6, and Boot 1.0.0.18 allows remote attackers to force silent call completion, eavesdrop on the phone's local environment, and cause a denial of service (blocked call reception) via a certain SIP INVITE message followed by a certain "SIP/2.0 183 Session Progress" message.

Exploits (1)

exploitdb WORKING POC VERIFIED

by MADYNES · perldoshardware

https://www.exploit-db.com/exploits/30517

View Code ZIP pw:eip

References (8)

[Third Party Advisory] http://secunia.com/advisories/26568

[Third Party Advisory] http://www.vupen.com/english/advisories/2007/2970

[Exploit] http://www.securityfocus.com/bid/25399

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id?1018598

[Mailing List] http://lists.grok.org.uk/pipermail/full-disclosure/2007-August/065417.html

[Third Party Advisory] http://securityreason.com/securityalert/3059

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/36170

[Third Party Advisory, VDB Entry] http://osvdb.org/40185

Scores

EPSS 0.1664

EPSS Percentile 94.9%

Details

Status published

Products (1)

grandstream/sip_phone gxv-3000 1.0.0.18_boot (3 CPE variants)

Published Aug 23, 2007

Tracked Since Feb 18, 2026