Tag Archives: vulnerability

#Phreaking2016: Authentication Flaw in O2 (Telefónica) ACS

Today, the details on a major authentication flaw in the Auto Configuration Server (ACS) of the German ISP O2 (Telefónica) were released. A tl;dr could be “Tell me your IPv4 address and I may place and accept phone calls on your behalf!”. … Continue reading

Posted in default | Tagged , , | 2 Comments

Rooting and Looting of the o2 HomeBox 3232

In November 2012 I published a tool which decrypts configuration backup files of Sphairon-based routers. This tool was mainly used by o2 customers who wanted to extract their VoIP login data so they could use any router they prefer – … Continue reading

Posted in default | Tagged , , | Leave a comment

AVM FRITZ!Box remote command injection vuln

Today I am featured in an article on heise.de. Have fun reading and do not forget to update your FRITZ!Box 😉

Posted in default | Tagged , | 1 Comment