Full title: Grandstream UCM62xx IP PBX sendPasswordEmail Remote Code Execution Exploit Category: remote exploits Platform: hardware This Metasploit module exploits an unauthenticated SQL injection vulnerability and a command injection vulnerability affecting the Grandstream UCM62xx IP PBX series of devices. The vulnerabilities allow an unauthenticated remote attacker to execute commands as root. # 0day.today @ http://0day.today/