6 matches found
CVE-2016-2364
The Chrome HUDweb plugin before 2016-05-05 for Fonality previously trixbox Pro 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from...
CVE-2016-2364
The Chrome HUDweb plugin before 2016-05-05 for Fonality previously trixbox Pro 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from...
Hardcoded credentials
The Chrome HUDweb plugin before 2016-05-05 for Fonality previously trixbox Pro 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from...
CVE-2016-2364
The Chrome HUDweb plugin before 2016-05-05 for Fonality previously trixbox Pro 12.6 through 14.1i uses the same hardcoded private key across different customers' installations, which allows remote attackers to defeat cryptographic protection mechanisms by leveraging knowledge of this key from...
CVE-2016-2364
The CVE-2016-2364 issue affects Fonality’s HUDweb plugin for Google Chrome (versions 12.6–14.1i) where the plugin uses a single hardcoded private key across different customer installations, enabling remote attackers to defeat cryptographic protections by exploiting knowledge of that key from ano...
Fonality HUDweb for Google Chrome Plugin Arbitrary Code Execution Vulnerability
Fonality formerly known as Trixbox pro is an open-source telephone switch solution with integrated VoIP and CRM features from Fonality, USA. The solution supports voicemail, multi-party voice conferencing and interactive voice response IVR. An arbitrary code execution vulnerability exists in the...