Yealink Forums
SECURIY ISSUE: VC400 being brute forced and dont stop calling - Printable Version

+- Yealink Forums (http://forum.yealink.com/forum)
+-- Forum: IP Phone Series (/forumdisplay.php?fid=4)
+--- Forum: General topics (/forumdisplay.php?fid=15)
+--- Thread: SECURIY ISSUE: VC400 being brute forced and dont stop calling (/showthread.php?tid=42360)



SECURIY ISSUE: VC400 being brute forced and dont stop calling - HenriqueMachado - 01-04-2019 11:53 AM

Hello! Henrique from Brazil

Today my VC400 started receiving calls one after the other. When I look who is calling it show like SQL Injection codes:


admin' --
admin' #
admin'/*
' or 1=1--
' or 1=1#
' or 1=1/*
1' or '1' = '1
') or '1'='1--
') or ('1'='1--


What can I do? Is there a way to protect my VC400 from these scanners? Like a password before calling or something like that?

Thanks


RE: SECURIY ISSUE: VC400 being brute forced and dont stop calling - complex1 - 01-04-2019 01:02 PM

(01-04-2019 11:53 AM)HenriqueMachado Wrote:  Hello! Henrique from Brazil

Today my VC400 started receiving calls one after the other. When I look who is calling it show like SQL Injection codes:


admin' --
admin' #
admin'/*
' or 1=1--
' or 1=1#
' or 1=1/*
1' or '1' = '1
') or '1'='1--
') or ('1'='1--


What can I do? Is there a way to protect my VC400 from these scanners? Like a password before calling or something like that?

Thanks

Hi Henrique,

May I suggest to do next steps?

- Disconnect the VC400 from your LAN.
- Check your router firewall configuration if the right ports are set.
- Reset VC400 Codec to factory default.
Using tiny objects (for example, the paper clip) to press and hold the reset button for 15 seconds until the screen turns black.
- Change User password into a strong password (>16 char) or disable the user mode
- Change Admin password into a strong password (>16 char)
- Connect the VC400 to your LAN
- (Re)configure the device and check again.

Hope this will help.