cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2230
Views
0
Helpful
5
Replies

SPA504G Keeps Automatically Reverting to Call Forwarding

grahambrown1
Level 1
Level 1

Can someone please help me.

We have several SPA504G phones. One of them has started automatically Call Forwarding. We can turn this off with the button - but it appears again after some time. This is a big issue since when this phone is in Call Forwarding mode all our incoming calls are forwarded.

How can I permanently disable Call Forwarding ?

Thanks in advance for any help on this.

5 Replies 5

gunemalli
Level 1
Level 1

Hi Folks,

One of our customer reported that their phones are set to call forwarding autmatically. This happens without them doing anything. And after looking throuhg the PABX logs, these forwards are set to IDD numbers.

This issue has started very recently and could be cause of an exploit.

Any help would be appreciated to prevent this from hapenning.

Regards

Hi,

Have an update on this.

The customer's phones had public IP's assigned to them and the web GUI was accessible publicly and it was not protected.

So it looks like the issue was a hacker was just logging into the web GUI and adding call forward form the GUI to cause this issue.

Hope this helps if some one else is having something like this.

Regards

The customer's phones had public IP's assigned to them and the web GUI was accessible publicly and it was not protected.

Not so rare. I leaved notice on display and disabled WWW access on more than 30 publicly accesible phones just within past two weeks ...

Wow - I am confident this is happening to me in Australia.  I wondered why my IP addresses seemed to be outside of my local network.  When my phone gets auto-forwarded as described above, I call my Voip number with my cell phone to see where it forwards to, and it rings out.  Then I get a call back on my cell phone one minute later from a Chinese number!!  Once I pickup, they never say anything, and it hangs up after a few seconds.

Crazy stuff.

SPA50x is not suitable to be exposed to public Internet. Even with non-default password or WWW UI disabled at all.

Note that such kind of redirect may be used as a sort of anonymisation, thus your phone may be used by others to make crime. You may be subject of investigation then.