Posted by RedTeam Pentesting GmbH on Jan 07

Advisory: o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials

The o2 Auto Configuration Server (ACS) discloses VoIP/SIP credentials of
arbitrary customers when receiving manipulated CWMP packets. These
credentials can then be used by an attacker to register any VoIP number
of the victim. This enables the attacker to place and receive calls on
behalf of the attacked user.

Details
=======
Product: o2 DSL Auto Configuration Server…