![]() |
Weak authentication vulnerability in Snom-320 SIP phone may allow a remote attacker to misuse the phone
OverviewA weak-authentication vulnerability in http implementation of Snom-320 SIP phone may allow a remote attacker to invoke phones calling features without authentication. ImpactAttacker may cause multiple phones in an enterprise to ring simultaneously causing havoc. Toll calls may also be initiated on behalf of un-suspecting users. Description
Snom-320 SIP phone is a remote-manageable and firmware-upgradeable SIP business telephone. It uses SIP protocol to provide VoIP services to business users. Snom-320 has a built-in web server which supports end-user configuration. The built-in web server listens on standard http port 80. In addition to port 80, Snom-320 phone has TCP port 1800 open and accessible through http. If a remote attacker is able to send an HTTP GET request to port 1800 of Snom-320 phone, s/he may misuse the phone to call a random number. Successfully sending such random http requests to several phones in an enterprise will ring large number of phones simultaneously. In case of SIP Trunking, attacker may be able to initiate calls to toll numbers on behalf of un-suspecting users and increase billing. Solution
Phone web-server implementation should be patched to authenticate access to port 1800. For more information on any of these threat advisories, please email Sipera VIPER Lab at viper@sipera.com |
Unified Communications Unleashed
Sipera Systems is the worldwide market leader in solutions for the rapid and simple adoption of Unified Communications (UC).
Thousands of users around the globe rely on Sipera to secure VoIP, IP video, collaboration, messaging and dozens of other high-performance applications.
Sipera’s groundbreaking “Borderless UC” enables controlled communications to any device in any location.
Years of UC Security experience is contained in Sipera unified communications (UC-Sec) products. These appliances benefit from the research conducted by Sipera VIPER Lab to provide comprehensive threat protection, policy enforcement, access control, and privacy in a single, real-time appliance.