Privilege Escalation via SSH Access in Unify OpenStage SIP and OpenScape Desk Phone IP V3 Devices

Privilege Escalation via SSH Access in Unify OpenStage SIP and OpenScape Desk Phone IP V3 Devices

CVE-2014-8421 · HIGH Severity

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Unify (former Siemens) OpenStage SIP and OpenScape Desk Phone IP V3 devices before R3.32.0 allow remote attackers to gain super-user privileges by leveraging SSH access and incorrect ownership of (1) ConfigureCoreFile.sh, (2) Traceroute.sh, (3) apps.sh, (4) conversion_java2native.sh, (5) coreCompression.sh, (6) deletePasswd.sh, (7) findHealthSvcFDs.sh, (8) fw_printenv.sh, (9) fw_setenv.sh, (10) hw_wd_kicker.sh, (11) new_rootfs.sh, (12) opera_killSnmpd.sh, (13) opera_startSnmpd.sh, (14) rebootOperaSoftware.sh, (15) removeLogFiles.sh, (16) runOperaServices.sh, (17) setPasswd.sh, (18) startAccTestSvcs.sh, (19) usbNotification.sh, or (20) appWeb in /Opera_Deploy.

Learn more about our Web App Pen Testing.