writeups.xyz / Exploiting embedded mitel phones for unauthenticated remote code execution

Submitter : c2a

Date: 25 February 2024

Bounty : undisclosed

Vulnerabilities :

• RCE
• Reverse Engineering
• Buffer Overflow
• Memory Corruption
• Authentication Bypass
• OS Command Injection

Programs :

• Mitel

Authors :

• Kevin Joensen (@Ggisx)

Link :
https://baldur.dk/blog/embedded-mitel-exploitation.html