http to sms vulnerability

6 years 11 months ago - 6 years 11 months ago #11529 by zveruga
Hi.
An unknown hacker sent many, many SMS via my router (until the money on the account was gone). I read the configs in depth and found a vulnerability in the HTTP to SMS module.
Even if the HTTP to SMS module is turned off in the web interface, the gateway allows sending SMS from the URL:
http://ip:port/service?action=sendsms&username=smsuser&password=smspwd&phonenumber=1234567890&message=test
If I change the default login and password, everything is OK; the gateway answers "Authentication Failed: Need valid username and password".
It does not matter whether the module is turned on or off.
BTW: lighttpd does not check auth if the request equals "service" and the query string is "action=sendsms",
so a hacker does not need to know my login and password to the web interface to send SMS.
$HTTP["url"] =~ "^/service" {
    $HTTP["querystring"] !~ "^action=sendsms" {
        auth.require = (
            "/" => (
                "method" => "digest",
                "realm" => "Openvox-Wireless-Gateway",
                "require" => "valid-user"
            ),
        )
    }
}
The version of my gateway is in the attachment.
6 years 11 months ago #11532 by heizi.lv
Hi,

Sorry for the trouble. We will fix it ASAP in new firmware and give you the new firmware ASAP.

Please change the default username and password first, for security.

Sorry for the trouble once again.
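
Added example, not part of the thread and not OpenVox code: the lighttpd condition quoted in the first post, modelled in Python and run over access-log lines to count per source IP the requests that reached the SMS handler without digest auth. The log layout (lighttpd's default Apache-like format), the sample lines and the function names are assumptions constructed for illustration.

```python
import re
from collections import Counter

# The two patterns from the lighttpd condition quoted in the first post.
URL_RE = re.compile(r"^/service")
QUERY_RE = re.compile(r"^action=sendsms")

# Assumed log layout: lighttpd's default (Apache-like) access log format.
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]*\] "\S+ (?P<target>\S+)[^"]*"')

def skips_digest_auth(target):
    """True when the quoted condition leaves the request without auth.require:
    the path matches ^/service AND the query string starts with action=sendsms."""
    path, _, query = target.partition("?")
    return bool(URL_RE.search(path)) and bool(QUERY_RE.search(query))

def unauthenticated_sendsms(lines):
    """Count, per source IP, logged requests that bypassed digest auth."""
    hits = Counter()
    for line in lines:
        m = LOG_RE.match(line)
        if m and skips_digest_auth(m.group("target")):
            hits[m.group("ip")] += 1
    return hits

# Constructed sample log lines (documentation IP ranges, made-up timestamps).
SAMPLE_LOG = [
    '203.0.113.7 gw - [01/Jan/2000:03:10:01 +0000] "GET /service?action=sendsms'
    '&username=smsuser&password=smspwd&phonenumber=1234567890&message=test'
    ' HTTP/1.1" 200 27 "-" "-"',
    '203.0.113.7 gw - [01/Jan/2000:03:10:02 +0000] "GET /service?action=sendsms'
    '&username=smsuser&password=smspwd&phonenumber=1234567890&message=test'
    ' HTTP/1.1" 200 27 "-" "-"',
    # Query string does not START with action=sendsms, so digest auth applies.
    '198.51.100.4 gw - [01/Jan/2000:03:11:00 +0000] "GET /service?username=smsuser'
    '&action=sendsms HTTP/1.1" 401 351 "-" "-"',
    # Outside ^/service: not covered by the quoted condition at all.
    '192.0.2.10 gw admin [01/Jan/2000:03:12:00 +0000] "GET /index.html HTTP/1.1"'
    ' 200 1024 "-" "-"',
]

if __name__ == "__main__":
    for ip, count in unauthenticated_sendsms(SAMPLE_LOG).most_common():
        print(f"{ip}: {count} sendsms request(s) without digest auth")
```

Requests counted here are protected only by the `username` and `password` query parameters, which is why the default SMS credentials described in the first post were enough to send messages.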