Summary
This host is installed with Wiser SIP Server and is prone to information disclosure vulnerability.
Impact
Successful exploitation will allow remote attackers to gain sensitive information without prior authentication.
Impact Level: Application
Solution
No solution or patch is available as of 20th February, 2015. Information regarding this issue will be updated once the solution details are available.
For Updates refer to http://www.develsistemas.com.br
Insight
Wiser contains a flaw that allow a remote attacker to gain access to backup information by sending a direct request for the /voip/sipserver/class/baixarBackup.php script.
Affected
Wiser SIP Server version 2.10
Detection
Send the crafted HTTP GET request and check is it possible to read the backup information.
References
Updated on 2015-03-25