11-26-2018, 02:45 PM
Chaps:
this is partly a security alert and partly a request for a default configuration change.
The default setting for T4 series seems to be
features.action_uri.enable = 1
it should be = 0
This leaves the phone open to the following exploitation.
The phone is registered on port 5060 behind the nat (i.e first phone to be registered)
Because the action uri is open, the attack sets callforward on the phone to an international number
this is partly a security alert and partly a request for a default configuration change.
The default setting for T4 series seems to be
features.action_uri.enable = 1
it should be = 0
This leaves the phone open to the following exploitation.
The phone is registered on port 5060 behind the nat (i.e first phone to be registered)
Because the action uri is open, the attack sets callforward on the phone to an international number