Added intro details
parent 3060b81caa
commit 56910e6e41
@ -9,9 +9,11 @@
|
||||
* https://github.com/malerisch/omnivista-8770-unauth-rce
|
||||
|
||||
## Intro
|
||||
I did notice this software a while ago while doing a penetration test. It captured my attention because it had a php interface which seemed very old and not greatly designed (not only graphically). As shown in the previous section, there wasn't any known vulnerability in this component. I wasn't unable to find any useful vulnerability without the source code, but only a few hints:
|
||||
Alcatel OmniVista is a graphical interface to Alcatel OmniPCX, a common Voip solution. This software is used to manage the Voip accounts as well as to serve as a public directory. [Official product page](https://www.al-enterprise.com/en/products/communications-management-security/omnivista-8770-network-management-system).
|
||||
|
||||
* Exposed error log in `/log/error.log/`
|
||||
I did notice this software a while ago while doing a penetration test. It caught my attention because the graphics interface looked somewhat old. As shown in the previous section, there wasn't any known vulnerability in this component. I wasn't unable to find any useful vulnerability without the source code, but only a few hints:
|
||||
|
||||
* Exposed error log in `/log/error.log`
|
||||
* Error log showed LDAP errors when trying special characters in login and search forms
|
||||
* Error log showed failed `unserialize()` calls while decoding the `bookmarks`, the `themes` or the `cfilter` cookie
|
||||
|
||||
|
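Review bot: the Intro paragraph beginning "I did notice this software" reads "I wasn't unable to find any useful vulnerability" in both versions shown, a double negative that contradicts the "but only a few hints" that follows; it should read "I wasn't able to find". In the product description paragraph, "Voip" appears twice and should be "VoIP", and "graphics interface" in the reworded sentence would read better as "graphical interface". The phrase "As shown in the previous section" now sits after the product description, so check that it still points at the section that lists known vulnerabilities. The error log bullet changes from `/log/error.log/` to `/log/error.log`; confirm the path without the trailing slash is the one that was actually exposed, since readers will use it to check their own deployments.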