A vulnerability, which was classified as critical, was found in Grandstream GXP2135 1.0.9.129/1.0.11.74/1.0.11.79. Affected is the function
SelfDefinedTimeZone
of the component CWMP Handler. The manipulation leads to os command injection.
This vulnerability is traded as CVE-2024-32937. It is possible to launch the attack remotely. There is no exploit available.