[YMCS/YDMP Free Trial Program]Yealink would like to offer Free Trial Program of Yealink device management service for our current eligible customers. You can see the details below.
https://www.yealink.com/ydmp-freetrial-2020

Yealink Forums » IP Phone Series » Wishlist v » security issue action uri:

Post Reply 
 
Thread Rating:
  • 0 Votes - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
security issue action uri:
Author Message
Chris Barron Offline
Member
***

Posts: 50
Joined: Sep 2015
Reputation: 0
Post: #1
security issue action uri:
Chaps:
this is partly a security alert and partly a request for a default configuration change.
The default setting for T4 series seems to be
features.action_uri.enable = 1
it should be = 0
This leaves the phone open to the following exploitation.

The phone is registered on port 5060 behind the nat (i.e first phone to be registered)
Because the action uri is open, the attack sets callforward on the phone to an international number
11-26-2018 02:45 PM
Find all posts by this user    like0    dislike0 Quote this message in a reply
Post Reply 


Messages In This Thread
security issue action uri: - Chris Barron - 11-26-2018 02:45 PM

Possibly Related Threads...
Thread: Author Replies: Views: Last Post
  Add Reset Action URL oliv 0 7,374 11-08-2018 12:08 PM
Last Post: oliv
  Action URL Request Billx 1 9,487 08-06-2013 02:36 PM
Last Post: Yealink Support

Forum Jump:


User(s) browsing this thread: 1 Guest(s)

Contact Us   Yealink   Return to Top   Return to Content   Lite (Archive) Mode   RSS Syndication