December 3, 2023

The SIP communications protocol can be abused to perform cross-site scripting (XSS) attacks. SIP, a technology used to manage communication across services including VoIP, audio, and instant messaging, can be used as a conduit to perform app-based assaults on software.

This includes XSS attacks, in which users' browser sessions may be compromised, same-origin policies circumvented, and users impersonated for purposes including theft, phishing, or the deployment of malware.

XSS entry point

The entry point is in an open source network packet sniffer used by system administrators to analyse the quality of VoIP calls based on various network parameters. A vulnerability was found during an audit in the software interface that monitors device requests via the User-Agent header value.

This value is rendered in the DOM of the user’s web browser. In the hands of miscreants, this may lead to the execution of malicious code relying on some canary token or callback.
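The rendering flaw described above, next to its fix, as an added example that is not code from the affected product: it pulls the User-Agent value out of a SIP REGISTER message and shows the value placed into markup as-is versus HTML-encoded at output, plus a simple check a monitoring pipeline could apply. The SIP messages, host names and function names are constructed for illustration.

```python
import html
import re

# Constructed SIP REGISTER messages (sample input, not captured traffic).
BENIGN = (
    "REGISTER sip:pbx.example.test SIP/2.0\r\n"
    "From: <sip:100@pbx.example.test>\r\n"
    "User-Agent: ExamplePhone 1.2\r\n"
    "Content-Length: 0\r\n\r\n"
)
HOSTILE = BENIGN.replace("ExamplePhone 1.2", "<script>alert(1)</script>")

MARKUP = re.compile(r"[<>\"'&]")  # characters that carry meaning in HTML


def sip_header(message: str, name: str) -> str:
    """Return the first value of a SIP header (names are case-insensitive)."""
    head = message.split("\r\n\r\n", 1)[0]
    for line in head.split("\r\n")[1:]:  # skip the request line
        key, sep, value = line.partition(":")
        if sep and key.strip().lower() == name.lower():
            return value.strip()
    return ""


def render_unsafe(message: str) -> str:
    """The flawed pattern: header value concatenated into markup as-is."""
    return "<td>" + sip_header(message, "User-Agent") + "</td>"


def render_safe(message: str) -> str:
    """Hardened pattern: HTML-encode the value at the point of output."""
    value = sip_header(message, "User-Agent")
    return "<td>" + html.escape(value, quote=True) + "</td>"


def looks_suspicious(message: str) -> bool:
    """Detection aid: a device User-Agent should not hold HTML metacharacters."""
    return bool(MARKUP.search(sip_header(message, "User-Agent")))


if __name__ == "__main__":
    for msg in (BENIGN, HOSTILE):
        print(looks_suspicious(msg), render_safe(msg))
```

Encoding at output is the control that matters here; the metacharacter check is only a signal for alerting, since any network-supplied header is untrusted input.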

Temporary code execution

Code execution during a short window of opportunity could lead to privilege escalation and full, permanent admin access. This would be done by creating an administrator account by storing a further JavaScript payload in the system. This could lead to exfiltration of data and traffic, the hijack of other administrator accounts, and the deployment of malware such as keyloggers and backdoors.

It is recommended that VoIPmonitor users update to the latest version available, v.24.71.
