![]() The firm pre-generated a list of potentially valid Zoom Meeting IDs, took 1,000 random IDs and prepared the URL string for joining the meeting.īut how could we determine if a Zoom Meeting ID represented a valid meeting or not? We discovered a fast and easy way to check this based on the following “ div” element present in the HTML Body of the returned response, when accessing “ Join Meeting” URL (’.format(response.url))Īccording to Check Point, its researchers were able to predict about 4% of generated Meeting IDs. If a user didn’t’ enable the “Require meeting password” option of enabled Waiting Room, the nine-to-11-digit meeting IDs were the only thing securing a meeting and preventing an unauthorized person from listening in. ![]() A vulnerability in teleconferencing app Zoom would have allowed a malicious actor to identify and join in on active meetings, Check Point Research says in a new report.Īccording to the cybersecurity research firm Check Point Research, the problem had to do with Zoom Meeting IDs.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |