There is a serious and effective vulnerability now in your system and these are the links of the vulnerability!
Grandstream UCM6200 Series WebSocket 18.104.22.168 - ‘user_password’ SQL Injection
Grandstream UCM6200 Series CTI Interface - ‘user_password’ SQL Injection
And works to withdraw the information of the manager, even if he changed the information, the new is withdrawn by injection !?