Showing results for 
Search instead for 
Did you mean: 

Cisco Community Designated VIP Class of 2020


** Security issue with **

I just found a major security issue with 2 systems using  The end users are unrelated.

The issue is with Bandwidth's Edgemarc. has opened port 5060 to the entire Internet, unrestricted, and forwards anything received on 5060 to the cutomer's PBX, router, gateway, UC500.  With this configuration anyone on the Net can point a SIP client to the Edgemarc's public IP and make a phone call.  When the SIP messages are forwarded to the router/UC500 they appear to be sourced from the "trusted" Edgemarc IP, but in fact are sourced from anywhere on the Net.  Note: doesn't use SIP registration, they expect you to "trust" the IP of their servers or gear.

The disturbing points, the Bandwidth techs had a difficult time understanding why this was a risk....even after watching multiple rougue international calls traverse the Edgemarc.  Also disturbing, one of these Edgemarcs was locked down at one time because I tested for this vulnerability at the time if install, but now that is no longer the case and Bandwidth techs insisted that port 5060 should be open to the entire Internet!?!?!

Bottom line, if you are connecting to using an Edgemarc or any Bandwidth gear at your site, check the security.  Better yet, do not trust with the security of your network.  On a similar, but unrelated note, in one of these cases the end customer also advised me that had also left the default passwords on the Edgemarc as well.  The passwords have since been changed due to efforts by the end customer.

CreatePlease to create content
Content for Community-Ad
FusionCharts will render here