[Freeswitch-users] [Security Issue][Need urgent comment]

Bilal Abbasi bilaln018 at gmail.com
Fri Jan 26 18:41:00 UTC 2018


Hi Users,
I am using FreeSWITCH Version 1.6.19 git c540248 .
today i noticed very weird issue, that i am getting an attack on one of my
dev servers, that somebody is trying to make calls out of the box.
And he is able to register the phone via "default" username(check via
sngrep), i am using complex password and there is NO USER with name
"DEFAULT" on my switch.
I tried to register the default user with any random password and it
allowed me to register on my softphone.
I am really worried, and i can't believe that it's something at FS end.
I am sure its some mistake, can somebody help me out please.

Regards
Abbasi
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeswitch.org/pipermail/freeswitch-users/attachments/20180126/94463905/attachment.html>


More information about the FreeSWITCH-users mailing list