200 ICP embedded voicemail hacked

[nytalkin]

Hackers getting into 200 AX embedded voicemail and changing ZERO extension to international number. We've stopped the ability to make the call out but they keep hacking in. All passcodes have been changed including the TECHNICIAN passcode. Anyone have an idea how the hackers are able to change the ZERO extension? Product Support hasn't been any help.

I suppose you're entitled to your opinion, I'm just not going to suppose very hard.

 

[300Blackout]

I believe they call the AA....press *...they enter the admin mailbox number...they use default password...edit operator mailbox notification via outside number

 

[kwbMitel]

All Passcodes? Including MB 0? (1234)

mb 999
- Manager - Changed Via Option 6
- Administrator - Changed via option 6
- Technician - Changed via hidden option 9



**********************************************
What's most important is that you realise ... There is no spoon.

 

[nytalkin]

All passwords including the often forgotten TECHNICIAN passwords have been changed (twice). I seems the hackers may have found some new vunerability to exploit.

I suppose you're entitled to your opinion, I'm just not going to suppose very hard.

 

[kwbMitel]

I certainly hope not

Have you tried looking at the diag.dat file? /vmail/c/voxdrv

It might tell you how they MB is being accessed



**********************************************
What's most important is that you realise ... There is no spoon.

 

[sarond]

I more than often forget the operator mailbox 0.

Had that changed on me before. Just as you described, extension set to an international number.