Known Vulnerabilities for products from Fonality
Listed below are 9 of the newest known vulnerabilities associated with the vendor "Fonality".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2016-2364 | The Chrome HUDweb plugin before 2016-05-05 for Fonality (previously trixbox Pro) 12.6 through 14.1i uses the same hardcoded p... | 7.5 - HIGH | 2016-06-20 | 2016-06-21 |
| CVE-2016-2363 | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 uses weak permissions for the /var/www/rpc/surun scrip... | 7.8 - HIGH | 2016-06-20 | 2016-06-21 |
| CVE-2016-2362 | Fonality (previously trixbox Pro) 12.6 through 14.1i before 2016-06-01 has a hardcoded password for the FTP account, which al... | 9.8 - CRITICAL | 2016-06-20 | 2016-06-21 |
| CVE-2014-5112 | maint/modules/home/index.php in Fonality trixbox allows remote attackers to execute arbitrary commands via shell metacharacte... | 7.5 - HIGH | 2014-07-28 | 2022-04-18 |
| CVE-2014-5111 | Multiple directory traversal vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot... | 5 - MEDIUM | 2014-07-28 | 2022-04-18 |
| CVE-2014-5110 | Cross-site scripting (XSS) vulnerability in user/help/html/index.php in Fonality trixbox allows remote attackers to inject ar... | 4.3 - MEDIUM | 2014-07-28 | 2023-01-31 |
| CVE-2014-5109 | SQL injection vulnerability in maint/modules/endpointcfg/endpoint_generic.php in Fonality trixbox allows remote attackers to ... | 7.5 - HIGH | 2014-07-28 | 2023-01-31 |
| CVE-2010-0702 | SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to execut... | 7.5 - HIGH | 2010-02-23 | 2023-01-31 |
| CVE-2007-6424 | registry.pl in Fonality Trixbox 2.0 PBX products, when running in certain environments, reads and executes a set of commands ... | 4.3 - MEDIUM | 2007-12-18 | 2022-04-18 |