CVEs-PoC/2021/CVE-2021-37915.md

### [CVE-2021-37915](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37915)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)

### Description

An issue was discovered on the Grandstream HT801 Analog Telephone Adaptor before 1.0.29.8. From the limited configuration shell, it is possible to set the malicious gdb_debug_server variable. As a result, after a reboot, the device downloads and executes malicious scripts from an attacker-defined host.

### POC

#### Reference
- https://www.secforce.com/blog/exploiting-grandstream-ht801-ata-cve-2021-37748-cve-2021-37915/

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/SECFORCE/CVE-2021-37748