CVE-2016-1519

Published: 2017-04-21T20:59Z

Last Modified: 2024-11-21T02:46Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

The com.softphone.common package in the Grandstream Wave app 1.0.1.26 and earlier for Android does not properly validate SSL certificates, which allows man-in-the-middle attackers to spoof the Grandstream provisioning server via a crafted certificate. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt