Back to directory
WRITEUP #422

Exploiting embedded mitel phones for unauthenticated remote code execution

RCEReverse engineeringBuffer OverflowMemory corruptionAuthentication bypassOS command injection
by@ggisx(Kevin Joensen)
Program
Mitel
Published
Feb 25, 2024
Added to HackDex
May 8, 2024
Read Full Writeuphttps://baldur.dk/blog/embedded-mitel-exploitation.html
RELATED WRITEUPS
Vulnerabilities in Open Source C2 Frameworks
RCEOS command injection
4 exploits, 1 bug: exploiting cve-2024-20017 4 different ways
RCEBuffer Overflow
CVE-2024-37079:
OtherInteger underflow
Vulnerabilities in NodeJS C/C++ add-on extensions
OtherMemory corruption
Confusion Attacks: Exploiting Hidden Semantic Ambiguity in Apache HTTP Server!
RCEConfusion attack

Built with ❤️ by Shubham Rawat