BT VoIP flaw in DSL home gateway

By jobeard
Jan 22, 2008
  1. BT's Home Hub, issued to the company's U.K. broadband subscribers, has an authentication vulnerability that enables a Web site rigged with malicious JavaScript to initiate a phone call, according to the group, GNUCitizen.

    "We can tell your Home Hub to start a voice-over-IP connection with any telephone number on the planet," said Adrian Pastor in a video posted on the group's blog.

    For a successful attack, a person has to be lured to a Web site hosting the malicious JavaScript. That could be accomplished by sending a fraudulent e-mail from the person's bank saying he should click on the link, which launches the JavaScript, said researcher Petko Petkov, in the same video.

    see the article details
Topic Status:
Not open for further replies.

Similar Topics

Add New Comment

You need to be a member to leave a comment. Join thousands of tech enthusiasts and participate.
TechSpot Account You may also...