Computer Security
[EN] securityvulns.ru no-pyccku


SNOM VoIP phones authentication bypass
Published:14.08.2009
Source:
SecurityVulns ID:10151
Type:remote
Threat Level:
5/10
Description:Web interface access authentication bypass.
Affected:SNOM : snom 300
 SNOM : snom 320
 SNOM : snom 360
 SNOM : snom 370
 SNOM : snom 820
CVE:CVE-2009-1048 (The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with firmware 6.5 before 6.5.20, 7.1 before 7.1.39, and 7.3 before 7.3.14 allows remote attackers to bypass authentication, and reconfigure the phone or make arbitrary use of the phone, via a (1) http or (2) https request with 127.0.0.1 in the Host header.)
Original documentdocumentWalter Sprenger, Authentication Bypass of Snom Phone Web Interface (14.08.2009)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod