CVE-2019-10661

CRITICAL

Grandstream Gxv3611ir HD Firmware < 1.0.3.23 - Authentication Bypass

Title source: rule

On Grandstream GXV3611IR_HD before 1.0.3.23 devices, the root account lacks a password.

Core 2

Core References

Third Party Advisory x_refsource_misc

Not Applicable x_refsource_misc

CVSS v3 9.8

EPSS 0.0039

EPSS Percentile 60.2%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

CWE-287

Status published

Products (1)

grandstream/gxv3611ir_hd_firmware < 1.0.3.23

Published Mar 30, 2019

Tracked Since Feb 18, 2026