http to sms vulnerability

2 years 7 months ago - 2 years 7 months ago #11529 by zveruga
Hi.
Some unknown hacker sent a great many SMS via my router (until the money on the account was gone). I read the configs closely and found a vulnerability in the HTTP to SMS module.
Even if the HTTP to SMS module is turned off in the web interface, the gateway allows sending SMS from the URL:
http://ip:port/service?action=sendsms&username=smsuser&password=smspwd&phonenumber=1234567890&message=test
If I change the default login and password, everything is OK; the gateway answers "Authentication Failed: Need valid username and password".
It does not matter whether the module is turned on or off.
BTW: lighttpd does not check auth if the request equals "service" and the query string is "action=sendsms",
so a hacker does not need to know my login and password to the web interface to send SMS.
$HTTP["url"] =~ "^/service" {
    $HTTP["querystring"] !~ "^action=sendsms" {
        auth.require = (
            "/" => (
                "method" => "digest",
                "realm" => "Openvox-Wireless-Gateway",
                "require" => "valid-user"
            ),
        )
    }
}
The version of my gateway is in the attachment.
2 years 6 months ago #11532 by heizi.lv
Hi,

Sorry for the trouble. We will fix it ASAP in new firmware and give you the new firmware ASAP.

Please change the default username and password first for security.

Sorry for the trouble once again.
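
For owners checking whether their gateway was used this way, the sketch below scans a lighttpd access log for requests that the config quoted in the first post exempts from digest auth and counts, per client, how many carried the default `smsuser`/`smspwd` pair. It is an added example, not code from either poster or from OpenVox; the log layout (client address first, request line in a quoted field) is an assumption and the sample lines are constructed.

```python
import re
from collections import defaultdict
from urllib.parse import parse_qs

# Default credentials as they appear in the URL quoted in the first post.
DEFAULT_USER, DEFAULT_PASS = "smsuser", "smspwd"
# Assumed log layout: client address first, request line in a quoted field.
LINE_RE = re.compile(r'^(?P<client>\S+) .*?"[A-Z]+ (?P<target>\S+) HTTP/[\d.]+"')
# Same anchored test as the lighttpd condition that skips auth.require.
EXEMPT_QS = re.compile(r"^action=sendsms")

# Constructed sample lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.5 gw - [01/Jan/2024:03:10:01 +0000] "GET /service?action=sendsms&username=smsuser&password=smspwd&phonenumber=1234567890&message=test HTTP/1.1" 200 20',
    '203.0.113.5 gw - [01/Jan/2024:03:10:02 +0000] "GET /service?action=sendsms&username=smsuser&password=smspwd&phonenumber=5550100&message=test HTTP/1.1" 200 20',
    '198.51.100.7 gw - [01/Jan/2024:03:11:00 +0000] "GET /service?action=sendsms&username=ops&password=changed&phonenumber=1234567890&message=hi HTTP/1.1" 200 20',
    '192.0.2.10 gw - [01/Jan/2024:03:12:00 +0000] "GET /service?x=1&action=sendsms HTTP/1.1" 401 0',
    '192.0.2.10 gw - [01/Jan/2024:03:12:05 +0000] "GET /index.html HTTP/1.1" 401 0',
]

def scan(lines):
    """Per client: count auth-exempt sendsms requests and default-credential use."""
    report = defaultdict(lambda: {"requests": 0, "default_creds": 0, "numbers": set()})
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue
        path, _, query = m.group("target").partition("?")
        # Keep only requests the quoted config lets through without digest auth.
        if not path.startswith("/service") or not EXEMPT_QS.search(query):
            continue
        params = parse_qs(query, keep_blank_values=True)
        entry = report[m.group("client")]
        entry["requests"] += 1
        if params.get("username") == [DEFAULT_USER] and params.get("password") == [DEFAULT_PASS]:
            entry["default_creds"] += 1
        entry["numbers"].update(params.get("phonenumber", []))
    return dict(report)

if __name__ == "__main__":
    for client, e in sorted(scan(SAMPLE_LOG).items()):
        print(client, e["requests"], "requests,", e["default_creds"],
              "with default credentials,", len(e["numbers"]), "distinct numbers")
```

Clients with a high `default_creds` count and many distinct numbers are the ones to investigate; the request with `x=1` ahead of `action=sendsms` is skipped because the anchored regex in the config does not exempt it.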