CVE-2017-18923
beroNet VoIP Gateways before 3.0.16 have a PHP script that allows downloading arbitrary files, including ones with credentials.
Date published : 2020-07-29
https://beronet.atlassian.net/wiki/spaces/PUB/pages/88768529/Security+Issues