I want to open a garage door via call-in, so I set up the call utilities. I set up one call route:
I had four phones to test. I called from phone A (the allowed number), the relay switched and the garage door opened. Then I called from phone B and the door opened, too! WTF?
So I did some testing and found the following bug and security flaw:
I rebooted the router, logged into it via SSH and ran "logread -f" so that I could see what happened.
- I called from the allowed phone A and the number from phone A was in the log - correct!
- I called from phone B and the number from phone A was in the log - FAIL!
- I called from phone C and the number from phone B was in the log - FAIL!
- I called from phone D and the number from phone C was in the log - FAIL!
- I called from phone A and the number from phone D was in the log - FAIL!
The first call after a reboot is correct every time. After that the router detects the number from before every time you call it. This is a security problem because if you know this, you can open the garage (or do whatever the router does with this function) even if you don't have the correct number. You just have to call it after it has been opened before, because the router recognizes your call as the call before.
What can I do here? Can somebody test and confirm this as a bug? Any help would be greatly appreciated!
Thanks in advance!