CoreDial sipXcom sipXopenfire versions 21.04 and below suffer from XMPP message system command argument injection and insecure service file permissions that when chained together gives root.
b306297e359b80aaed39f16e6cdc8e7a70a93aff1cb4084d52e8dfcfadc31596