CVE-2016-2363
20.06.2016, 01:59
Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun script, which allows local users to obtain root access for unspecified command execution by leveraging access to the nobody account.Enginsight
| Vendor | Product | Version |
|---|---|---|
| fonality | fonality | 12.6 |
| fonality | fonality | 12.8 |
| fonality | fonality | 14.1i:i |
𝑥
= Vulnerable software versions
Common Weakness Enumeration