CVE-2016-2362
Fonality (formerly trixbox Pro) 12.6–14.1i before 2016-06-01 contains a hardcoded FTP password, enabling remote attackers to log in via FTP or SSH and gain access as the ‘nobody’ user. Multiple sources (NVD entry CVE-2016-2362, related CNVD/CVE records, and CERT entries) corroborate that this vul...