Added affected version.

FEYE-2021-0001/FEYE-2021-0001.md

@@ -1,6 +1,6 @@
 # FEYE-2021-0001
 ## Description
-Grandstream Networks' GRP261x VoIP phone is susceptible to authenticated command injection as the privileged user `root` in its administrative web interface. When combined with CVE-2020-25218, unauthenticated remote code execution is possible.
+Grandstream Networks' GRP261x VoIP phone running firmware version 1.0.3.6 (Base) is susceptible to authenticated command injection as the privileged user `root` in its administrative web interface. When combined with CVE-2020-25218, unauthenticated remote code execution is possible. We suspect that this was introduced prior to firmware version 1.0.3.6, but it was not verified.
 
 ## Impact
 High - An attacker with remote network access to a GRP261x could remotely compromise the device. This could be used to install malware, modify system behavior, or stage a more serious attack.

FEYE-2021-0002/FEYE-2021-0002.md

@@ -1,6 +1,6 @@
 # FEYE-2021-0002
 ## Description
-Grandstream Networks' GRP261x VoIP phone is susceptible to an authentication bypass vulnerability in its administrative web interface. When combined with CVE-2020-25217, unauthenticated remote code execution as the privileged user `root` is possible.
+Grandstream Networks' GRP261x VoIP phone running firmware version 1.0.3.6 (Base) is susceptible to an authentication bypass vulnerability in its administrative web interface. When combined with CVE-2020-25217, unauthenticated remote code execution as the privileged user `root` is possible. We suspect that this was introduced prior to firmware version 1.0.3.6, but it was not verified.
 
 ## Impact
 High - An attacker with remote network access to a GRP261x could remotely compromise the device. This could be used to install malware, modify system behavior, or stage a more serious attack.