CVE-2022-2025

CRITICAL

Grandstream GSD3710 1.0.11.13 - Authenticated Stack-based Buffer Overflow via strcopy

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-2025. PoCs published by Pepelux.

AI-analyzed exploit summary This exploit leverages a stack overflow vulnerability in Grandstream GSD3710 firmware 1.0.11.13 and lower. It uses a ROP chain with hardcoded libc addresses to achieve remote code execution via SSH, executing '/bin/sh' to spawn a shell.

Description

an attacker with knowledge of user/pass of Grandstream GSD3710 in its 1.0.11.13 version, could overflow the stack since it doesn't check the param length before use the strcopy instruction. The explotation of this vulnerability may lead an attacker to execute a shell with full access.

Exploits (1)

exploitdb WORKING POC
by Pepelux · pythonremotemultiple
https://www.exploit-db.com/exploits/52313

This exploit leverages a stack overflow vulnerability in Grandstream GSD3710 firmware 1.0.11.13 and lower. It uses a ROP chain with hardcoded libc addresses to achieve remote code execution via SSH, executing '/bin/sh' to spawn a shell.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Grandstream GSD3710 firmware 1.0.11.13 and lower
Auth required
Prerequisites: SSH access to the target device · Valid credentials for authentication
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 9.8
EPSS 0.0401
EPSS Percentile 89.2%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact total

Details

CWE
CWE-121 CWE-787
Status published
Products (1)
grandstream/gds3710_firmware 1.0.11.13
Published Sep 23, 2022
Tracked Since Feb 18, 2026