CVE-2025-28170
CVE-2025-28170CVE-2025-28170
grandstream / gxp1628_firmware
Description
Grandstream Networks GXP1628 <=1.0.4.130 is vulnerable to Incorrect Access Control. The device is configured with directory listing enabled, allowing unauthorized access to sensitive directories and files.
Scoring
| CVSS | 7.6 () |
| Vector | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L |
| Last modified | 2026-07-05 |