CNNVD-202509-1543 Information
Sep 10, 2025
cve
CNNVD ID
CNNVD-202509-1543
Related CVE
- CNNVD Published: 2025-09-10
Description (Chinese)
Grandstream Wave是美国Grandstream公司的一个语音软件。 Grandstream Wave 1.27.8版本存在代码问题漏洞,该漏洞源于DLL搜索顺序劫持,可能导致执行任意代码。
Description (English)
Grandstream Wave is a voice software for Grandstream in the United States. There is a code loophole in version 1.27.8 of Grandstream Wave, which stems from the sequence of DLL searches, which may lead to the enforcement of arbitrary codes.
Hazard Level
Medium
Vulnerability Type
代码问题
Affected Vendor
潮流网络
Published
2025-09-10
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/dll-search-order-hijack-wave-grandstream-networks
Patch
https://fw.gdms.cloud/wave/download/versionHistory.html
Share on: