DIVD-2023-00015 - Yeastar Configuration Panel Takeover
Our reference | DIVD-2023-00015 |
Case lead | Rutger Hermens |
Researcher(s) | |
CVE(s) | |
Product | Yeastar N412 and N824 |
Versions | n/a |
Recommendation | Prevent unauthorized access to the login page by routing access to it through a security control such as a VPN. |
Status | Closed |
Last modified | 09 Mar 2023 09:40 CET |
Summary
DIVD has scanned the internet for vulnerable configuration panels on Yeastar N412 and N824 products.
What you can do
Make sure your configuration panel is not accessible from the wider internet. You might do so by, for instance, routing it through a VPN, to ensure only authorized users are able to access the panel.
What we are doing
We have informed the parties that own or operate equipment with the above vulnerability. As we found only one vulnerable device, we have closed this case.
Timeline
Date | Description |
---|---|
20 Jan 2023 - 20 Jan 2023 | Swascan publishes security advisory. |
20 Jan 2023 - 31 Jan 2023 | DIVD starts scanning for vulnerable configuration panels. |
31 Jan 2023 - 31 Jan 2023 | DIVD informs vulnerable parties. |
[Gantt chart: DIVD-2023-00015 - Yeastar Configuration Panel Takeover. Case: 2023-01-20 to 2023-02-02 (13 days). Events as listed in the timeline above.]
More information
- Swascan “Security Advisory: Yeastar N412 and N824 Configuration Panel Account Takeover”
- NIST “CVE-2022-47732 Detail”