Snom VoIP vulnerability resolved

Tom Keating : VoIP & Gadgets Blog
Tom Keating
CTO

After my Snom VoIP phone hacked article, I received a response from snom indicating that the vulnerability had more to do with a user not setting a password on the IP phone than any sort of bug or vulnerability in the snom firmware itself. Well, that's certainly good news. I guess users or IT administrators that don't set passwords on the IP phones have only themselves to blame if their phones are hacked.

This direct from Snom...

CVE-2008-1248:
Yes, you can send an HTTP-POST to the phone and let it dial a number. But you can protect your phone by setting a password. If you set a password then nobody can post an HTTP request to dial a number. The statement in the referred web site that Snom phones don't support passwords is wrong. You can set a password to protect your phone. And you should do it if your phone is connected to the Internet directly.

Our next firmware release will warn the user that no password is set and that his phone is vulnerable.

This is not a real vulnerability, so we can't say a particular firmware is affected, since you can avoid it by setting a password.

CVE-2008-1249:
Yes, this is possible right now when the flash plugin is enabled. But the flash plugin is not enabled by default in current firmwares. So a phone is not vulnerable unless you enable the flash plugin. But you can protect your phone by setting a password like for CVE-2008-1248.

Our next firmware release will warn the user that no password is set and that his phone is vulnerable.

Our release after the next will change the flash plugin so that this isn't possible any more.

This is not a real vulnerability, so we can't say a particular firmware is affected, since you can avoid it by setting a password.

CVE-2008-1250:
Yes, Snom phones are vulnerable to cross-site request forgery (CSRF). All firmware up to V7.1.30 are affected.

We have changed our web frontend. It uses tokens and html-encoding for values entered in input fields now. Our next firmware release will not be vulnerable to CSRF any more.

CVE-2008-1251:
Yes, Snom phones are vulnerable to Cross-site scripting (XSS). All firmware up to V7.1.30 are affected.

We have changed our web frontend. It uses tokens and html-encoding for values entered in input fields now. Our next firmware release will not be vulnerable to XSS any more.

We also created a website:
http://www.snom.com/javascriptsecurity.html
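
The fix snom describes for CVE-2008-1250 and CVE-2008-1251 is "tokens and html-encoding for values entered in input fields". The following is an added example of that pattern for a device settings form; it is not snom's firmware code and not part of the original post. The route, the `display_name` field and the key handling are assumptions made for illustration.

```python
import hashlib
import hmac
import html
import secrets

# Hypothetical model of a settings form on a device web UI (not snom's code).
SERVER_KEY = secrets.token_bytes(32)  # assumed per-boot secret held by the device


def new_session_id() -> str:
    """Random identifier for one authenticated browser session."""
    return secrets.token_urlsafe(16)


def csrf_token(session_id: str) -> str:
    """Token bound to one session; a page on another origin cannot read or guess it."""
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def render_form(session_id: str, display_name: str) -> str:
    """Render the form: the stored value is HTML-encoded and the token is embedded."""
    safe = html.escape(display_name, quote=True)
    return (
        '<form method="post" action="/settings">'
        f'<input type="hidden" name="csrf" value="{csrf_token(session_id)}">'
        f'<input type="text" name="display_name" value="{safe}">'
        "</form>"
    )


def handle_post(session_id: str, form: dict, settings: dict) -> int:
    """Apply a settings change only if the request carries this session's token."""
    supplied = form.get("csrf", "").encode()
    expected = csrf_token(session_id).encode()
    if not hmac.compare_digest(supplied, expected):
        return 403  # cross-site POST: the browser may be logged in, but has no token
    settings["display_name"] = form.get("display_name", "")
    return 200
```

A request without the session's token is rejected before any setting changes, and markup stored in a field is rendered as text rather than interpreted by the browser.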
