Full Disclosure mailing list archives
Re: Grandstream VoIP phone: SSH key backdoor and multiple vulnerabilities leading to RCE as root (David Jorm
From: Jeffrey Walton <noloader () gmail com>
Date: Sat, 11 Jul 2015 21:18:10 -0400
A final issue I've reported to them in the past that's not resolved is the SSH host key being shared across all phones of the same firmware version. The authenticity of host '10.150.117.57 (10.150.117.57)' can't be established. RSA key fingerprint is 7f:83:e8:5c:0b:fb:d1:47:c7:f1:33:60:b1:28:b9:f9. The authenticity of host '10.150.117.65 (10.150.117.65)' can't be established. RSA key fingerprint is 7f:83:e8:5c:0b:fb:d1:47:c7:f1:33:60:b1:28:b9:f9.
This may (or may not) be a vulnerability. If they allow you to shut down the port so that no one can connect unless authorized by the owner, then its probably not a vulnerability. But its still a poor choice for security engineering. Do you know if the port can be closed? _______________________________________________ Sent through the Full Disclosure mailing list https://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Re: Grandstream VoIP phone: SSH key backdoor and multiple vulnerabilities leading to RCE as root (David Jorm Seamus Caveney (Jul 11)
- Re: Grandstream VoIP phone: SSH key backdoor and multiple vulnerabilities leading to RCE as root (David Jorm Jeffrey Walton (Jul 13)