id: audiocodes-default-login
info:
name: AudioCodes 310HD, 320HD, 420HD, 430HD & 440HD - Default Login
author: d4vy
severity: high
description: AudioCodes devices 310HD, 320HD, 420HD, 430HD & 440HD contain a default login vulnerability. Default login credentials were discovered. An attacker can obtain access to user accounts and access sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://wiki.freepbx.org/display/FPG/Supported+Devices-Audio+Codes#:~:text=Reset%20to%20Factory%20Defaults,-Press%20the%20Menu&text=Then%2C%20enter%20the%20Admin%20password,is%20%221234%22%20by%20default
classification:
cwe-id: CWE-798
metadata:
max-request: 1
tags: iot,audiocodes,default-login,vuln
http:
- raw:
- |
POST /login.cgi HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
user={{username}}&psw={{url_encode(base64("{{password}}"))}}
attack: pitchfork
payloads:
username:
- admin
password:
- "1234"
unsafe: true
matchers-condition: and
matchers:
- type: word
words:
- "redirect('/mainform.cgi?go=mainframe.htm')"
- type: word
part: body
negative: true
words:
- "Login failed. Check username and password"
- type: status
status:
- 200
# digest: 4a0a00473045022100a268ec475306e9e2fc315d2e4a075fefcd61a89f782d5e761433355647498c2e022006ef816272b75a2033606812b7e0805130493d9e4242f0a4b6f859e90fb66b69:922c64590222798bb761d5b6d8e72950