CVE

CVE-2016-2363 (fonality)

admin

CVE-2016-2363 (fonality)

Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.

Source: CVE-2016-2363 (fonality)

Exit mobile version