Comment by migueltarga
6 years ago
RingCentral Meetings uses zoom.us engine but the local server runs on port 19424 instead. I'm able to replicate the issue on it.
PoC: http://localhost:19424/launch?action=join&confno=3535353535
6 years ago
RingCentral Meetings uses zoom.us engine but the local server runs on port 19424 instead. I'm able to replicate the issue on it.
PoC: http://localhost:19424/launch?action=join&confno=3535353535
I can confirm that this vulnerability exists in RingCentral for macOS, version 7.0.136380.0312.
I was taken into Miguel's meeting, but since the host wasn't presented, it simply let me know it was waiting for him (It also had a friendly notice "Your video will turn ON automatically when the meeting starts".
I've changed my settings in Video > Meetings, just like in Zoom, to turn off my vid when joining. Also confirmed that the server is running on port 19424 (via terminal command 'lsof -i :19424').
In my case it's 19421 as written in the article.
For RingCentral or Zoom? Could be because I have both on my machine.
Zoom
2 replies →