A critical vulnerability in Grandstream GXP1600 series VoIP phones allows a remote, unauthenticated attacker to gain root privileges and silently eavesdrop on communications.
VoIP communication equipment from Grandstream Networks is widely used by small and medium-sized businesses. The GXP product line is part of the company's high-end offering for businesses, schools, hotels, and Internet Telephony Service Providers (ITSPs) around the world.
The vulnerability is tracked as CVE-2026-2329 and received a critical severity score of 9.3. It impacts the following six models of the GXP1600 series of devices that run firmware versions prior to 1.0.7.81:
GXP1610
GXP1615
GXP1620
GXP1625
GXP1628
GXP1630
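The affected-model list and the 1.0.7.81 fix threshold above are the two facts a defender needs to triage an inventory. The following is an added example (not code from the article or from Grandstream) that applies both; it compares firmware versions component by component, because a plain string comparison would rank 1.0.7.9 above 1.0.7.81 and miss a vulnerable phone. The inventory rows, IP addresses and the "OTHER-MODEL" entry are constructed placeholders.

```python
from dataclasses import dataclass

# Facts taken from the article: affected models and the first fixed firmware version.
AFFECTED_MODELS = {"GXP1610", "GXP1615", "GXP1620", "GXP1625", "GXP1628", "GXP1630"}
FIXED_VERSION = "1.0.7.81"


def parse_version(version: str) -> tuple[int, ...]:
    """Split a dotted firmware version into integer components.

    Comparing the resulting tuples orders 1.0.7.9 before 1.0.7.81, whereas a
    string comparison would (wrongly) put 1.0.7.9 after 1.0.7.81.
    """
    return tuple(int(part) for part in version.strip().split("."))


def is_vulnerable(model: str, firmware: str) -> bool:
    """True when the device is a listed GXP1600 model running firmware older than 1.0.7.81."""
    if model.strip().upper() not in AFFECTED_MODELS:
        return False
    return parse_version(firmware) < parse_version(FIXED_VERSION)


@dataclass
class Finding:
    ip: str
    model: str
    firmware: str


def triage(inventory):
    """Return the (ip, model, firmware) rows that still need the firmware update."""
    return [Finding(ip, model, fw) for ip, model, fw in inventory if is_vulnerable(model, fw)]


# Constructed sample inventory: hypothetical addresses and versions, not data from the article.
SAMPLE_INVENTORY = [
    ("10.0.5.11", "GXP1625", "1.0.7.9"),   # older than 1.0.7.81 -> vulnerable
    ("10.0.5.12", "GXP1630", "1.0.7.81"),  # the fixed release -> not vulnerable
    ("10.0.5.13", "GXP1610", "1.0.7.80"),  # one build before the fix -> vulnerable
    ("10.0.5.14", "OTHER-MODEL", "1.0.7.9"),  # placeholder model outside the GXP1600 list -> not flagged
]

if __name__ == "__main__":
    for finding in triage(SAMPLE_INVENTORY):
        print(f"{finding.ip} {finding.model} firmware {finding.firmware}: "
              f"update to {FIXED_VERSION} or later")
```

Feed `triage()` whatever your asset inventory exports (model and firmware string per phone); the model filter keeps it from flagging other Grandstream lines that the advisory does not cover.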
Even if a vulnerable device is not directly reachable from the public internet, an attacker who has already compromised another host on the same network can pivot to it. Exploitation leaves no visible sign: the phone keeps working normally, so users have no reason to suspect it has been compromised.