Categories: VoIP News

Warning: EdgeMarc Gateways and Session Border Controllers Passwords Could be Compromised

Our partner Bandwidth has alerted us that there is potentially a problem with the password security of EdgeMarc Gateways and Session Border Controllers (ESBC).

This might affect all EdgeMarc device owners. In short, the default Username / Password of “Root” / “Default” of these devices have been compromised.

However, if you changed your log in credentials when you programmed your EdgeMarc device then you are probably safe. If you were never prompted to change the default username / password you may not have thought to change it.

How to Tell If Your EdgeMarc Password Should be Changed and Steps to Take

From the Bandwidth announcement, here’s how to tell if you need to change your password and the steps to take:

If you are unsure if your specific device has been compromised, you can take the following steps to investigate. However, it is still highly recommended to change the password:

  • In the EdgeMarc GUI, under ‘System’ click on “Client List”. If there are any entries listed other than known and local IP addresses, there is a strong possibility that your device has been compromised. To resolve, remove the offending IP address.

Additionally, the following steps should be taken to to ensure a secure device:

  • Disable PPTP (Point-to-Point Protocol) – Under PPTP server > Username, ensure there is no user built unless it is a known user.
  • Disallow WAN clients – Under VoIP ALG, uncheck both the ‘allow clients on WAN’ option, as well as the ‘Enable LLDP’ option.
  • Verify no additional scripting has taken place, by looking under ‘User Commands’. Specifically, if the following script is present, it will need to be deleted:

ln -sf /etc /etc/images/m.txt
chmod 777 /etc/images/m.txt/config/passwd
sed -i -e s’_'”501″‘_'”0″‘_’ /etc/images/m.txt/config/passwd
sed -i -e s’_'”501″‘_'”0″‘_’ /etc/images/m.txt/config/passwd
sed -i -e s’_'”/etc/images”‘_'”/”‘_’ /etc/images/m.txt/config/passwd

Note: Some EdgeMarc screens within the GUI save changes while you’re making them, and others require you to hit a ‘submit’ button. Please take note of this while making your changes.

Need EdgeMarc Help?

Thank you to Bandwidth for bringing this problem to our attention.

If the above information did not help you and you still have concerns, please call us at 800-398-8647.

Nathan Miloszewski

Nate is VoIP Supply's former Content Marketing Manager.

Share
Published by
Nathan Miloszewski

Recent Posts

Watch Now: 2025 February VoIP News Update

https://youtu.be/N-lzdnATPgk?si=DSbuMOrj16Vm4B1v Your February VoIP News Update is here! up first this month is the brand-new…

3 days ago

LINKVIL by Fanvil W610H & W710H IPCT Multi-Cell Solution Webinar

https://youtu.be/n5ixmNJo62A?si=iJZ9FBON2586xgpG It's time to unleash mobility with LINKVIL by Fanvil's new multi-cell solution! This webinar…

4 days ago

How To: Upgrade & Save Money on IP Paging in Educational Environments

Before I was in digital marketing, I was a teacher. For 7/12 years I taught…

3 weeks ago

Snom D815 SIP Phone Product Feature Video & How to Connect to WiFi

https://youtu.be/kHJZnDYyQQ8?si=2ZLrtFUrnnidxWoq See the Snom D815 SIP Phone like never before in this exclusive Product Feature…

3 weeks ago

AudioCodes SBCs Receive FIPS 140-3 Certification: A Milestone in Secure Communications

AudioCodes Session Border Controllers (SBCs) have achieved a significant milestone by obtaining the FIPS 140-3…

4 weeks ago

Introducing Fanvil V66 Pro & V62 Pro: The Future of Flexibility with Bluetooth Cordless Handsets Webinar

https://youtu.be/i7c5v_wGpAY?si=wD9KrJ9gHXfUXjH2 Sit back, relax, and learn everything you need to know about the new Fanvil…

4 weeks ago