{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreidydsavy2h6y3lpyrn3yc5zf7hnqkacrmjyrs7lu6cliocnyavpuq",
    "uri": "at://did:plc:6wtxqaikjf62unmnajbfbq5v/app.bsky.feed.post/3mfg5zdpewq32"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreidiwel77y26jqyjhjmleg6k6drrp4bt7h7an65evanw2gune427dy"
    },
    "mimeType": "image/webp",
    "size": 4058
  },
  "path": "/grandstream-gxp1600-voip-phones-cve-2026-2329-enables-unauthenticated-root-rce-and-call-interception/",
  "publishedAt": "2026-02-21T19:22:06.000Z",
  "site": "https://vpncentral.com",
  "tags": [
    "News",
    "Grandstream GXP1600 VoIP Phones CVE-2026-2329 Enables Unauthenticated Root RCE and Call Interception",
    "VPN Central"
  ],
  "textContent": "Grandstream GXP1600 series VoIP phones suffer critical CVE-2026-2329 stack buffer overflow. Attackers gain root privileges remotely without authentication via web API endpoint /cgi-bin/api.values.get. Rapid7 researchers disclosed the flaw discovered January 6, 2026. CVSS score hits 9.3. The vulnerability lives in default configuration. Malicious HTTP requests with colon-delimited “request” parameter overflow stack. Attackers execute arbitrary code […]\n\nThe post Grandstream GXP1600 VoIP Phones CVE-2026-2329 Enables Unauthenticated Root RCE and Call Interception appeared first on VPN Central.",
  "title": "Grandstream GXP1600 VoIP Phones CVE-2026-2329 Enables Unauthenticated Root RCE and Call Interception"
}