Summary: A Malformed Input String to /cgi-bin/delete_CA on Grandstream GXP16xx VoIP 1.0.4.128 phones allows attackers to delete configuration parameters and gain admin access to the device.Published: Monday, April 1, 2019 - 17:29cvss: