Four high-severity flaws in Grandstream ATAs threaten home office and midrange users alike, with outages, eavesdropping and device takeover. The ATAs are designed for everyone from home or small-office users to medium-sized businesses. The flaws have been confirmed by Grandstream, but no firmware update has yet been issued. All four bugs are unpatched as of this writing, according to analysis from Tenable, which have been published by the firm. Grandstream has not yet issued a firmware update for the ATAs.
Source: https://threatpost.com/4-unpatched-bugs-grandstream-atas-voip/157927/