CVE-2020-5726

HIGH

Grandstream UCM6200 <1.0.20.22 - SQL Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2020-5726. PoCs published by Jacob Baines.

AI-analyzed exploit summary This exploit demonstrates a SQL injection vulnerability in Grandstream UCM6200 Series CTI Interface, allowing an attacker to disclose user passwords by brute-forcing character by character. It leverages blind SQL injection to extract password length and content.

Description

The Grandstream UCM6200 series before 1.0.20.22 is vulnerable to an SQL injection via the CTI server on port 8888. A remote unauthenticated attacker can invoke the challenge action with a crafted username and discover user passwords.

Exploits (1)

exploitdb WORKING POC
by Jacob Baines · pythonwebappshardware
https://www.exploit-db.com/exploits/48270

This exploit demonstrates a SQL injection vulnerability in Grandstream UCM6200 Series CTI Interface, allowing an attacker to disclose user passwords by brute-forcing character by character. It leverages blind SQL injection to extract password length and content.

Classification
Working Poc 100%
Attack Type
Sqli
Complexity
Moderate
Reliability
Reliable
Target: Grandstream UCM6200 Series (firmware 1.0.20.20 and below)
No auth needed
Prerequisites: Network access to the target device · CTI interface exposed on port 8888
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2
Core References
Exploit, Third Party Advisory x_refsource_confirm
https://www.tenable.com/security/research/tra-2020-17

Scores

CVSS v3 7.5
EPSS 0.0423
EPSS Percentile 89.7%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-89
Status published
Products (3)
grandstream/ucm6202_firmware < 1.0.20.22
grandstream/ucm6204_firmware < 1.0.20.22
grandstream/ucm6208_firmware < 1.0.20.22
Published Mar 30, 2020
Tracked Since Feb 18, 2026