Critical CVE-2026-2329 Vulnerability in Grandstream VoIP Phones

Critical CVE-2026-2329 Vulnerability in Grandstream VoIP Phones

First seen 18 Feb 2026, 22:20 UTC Rapid7ThehackernewsFacebookDarkreadingFeeds2.Feedburner+10 82% similarity 51.6

Article Content

Browse articles
ThreatCluster

A critical vulnerability, CVE-2026-2329, has been identified in the Grandstream GXP1600 series VoIP phones, allowing unauthenticated remote code execution with root privileges. This flaw affects small and midsized businesses, hotels, and call centers, enabling attackers to intercept calls and commit toll fraud. A firmware update is available to remediate the issue.

ThreatCluster AI

Timeline

2026-02-18
CVE-2026-2329 published
2026-02-18
Rapid7 Labs discovers the vulnerability
2026-02-18
Vendor releases firmware update to remediate CVE-2026-2329

Community

Browse all →