Grandstream Wave 1.0.1.26 TLS Man-In-The-Middle

Grandstream VoIP products deploy a remote provisioning mechanism that allows to automatically set configuration elements on app startup. By default, an insecure connection to `fm.grandstream.com` is used to obtain the provisioning profile. However, even if an HTTPS URL is configured, the certificate is not validated, allowing an active attacker to successfully impersonate the provisioning server with an invalid, mismatching or outdated certificate.

Leave a Reply