T2x vulnerability? - Printable Version

T2x vulnerability? - Printable Version

+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: Phone specific topic (/forumdisplay.php?fid=12)
+---- Forum: T2xP Series (/forumdisplay.php?fid=21)
+---- Thread: T2x vulnerability? (/showthread.php?tid=307)

T2x vulnerability? - rgpyealink - 03-27-2013 09:35 PM

Hello,

I found a vulnerability in the T2x with usr/pass:admin/admin, if you enter: http://user:user@192.168.1.101/cgi-bin/ConfigManApp.com?Id=34&Command=1&Number=018881234567&Account=0 the phone makes a call.

Can I solve this?

Thanks in advance

RE: T2x vulnerability? - Yealink Support - 03-28-2013 04:46 PM

Hello,
You can upgrade to our latest firmware x.70.0.130(you can download them from our website), this firmware solved this issue.
http://www.yealink.com/SupportDownloadfiles_detail.aspx?CateId=186&flag=142