Go try Intruder today for 14 days, free at https://go.lowlevel.tv/intruder

https://www.rapid7.com/blog/post/ve-phone-listening-cold-war-vulnerability-modern-voip/
https://www.rapid7.com/blog/post/ve-cve-2026-2329-critical-unauthenticated-stack-buffer-overflow-in-grandstream-gxp1600-voip-phones-fixed/

🏫 MY COURSES
Sign-up for my FREE 3-Day C Course: https://lowlevel.academy

🧙‍♂️ HACK YOUR CAREER
Wanna learn to hack? Join my new CTF platform: https://stacksmash.io

🔥COME HANG OUT   
Check out my other stuff: https://lowlevel.tv

Low Level Learning

CVE-2026-2329 is a critical (CVSS 9.3) unauthenticated stack-based buffer overflow in Grandstream GXP VoIP phones, affecting all models sharing the same firmware. The root cause is a strcpy into a 64-byte stack buffer with no length validation on user-supplied input via the web API endpoint. The device ships with zero modern exploit mitigations: no stack canaries, no ASLR, no PIE — only NX is enabled, making ROP the exploitation path. Rapid7 researchers achieved unauthenticated RCE as root and demonstrated SIP credential extraction. The video also discusses how Rust would have prevented this class of bug, and urges developers to validate input lengths and compile with modern security flags. Firmware version 1.0.7.81 patches the issue.

they can't keep getting away with this...

<p>These are the modern knights for uncovering sloppy work that has severe consequences for so many customers and asking for “justice” publically!</p>


<p>The number of exploits and their average severity are becoming increasingly worrying every day as the years goes by</p>
