Etictelecom Remote_access_server_firmware
9 CVEs affecting Etictelecom Remote_access_server_firmware. Latest disclosed: 2025-01-17. Critical: 0, High: 3.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2022-3703 | High | 7.6 | 2022-11-10 | All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide… |
CVE-2024-26153 | High | 7.4 | 2025-01-17 | All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 are vulnerable to cross-site request forgery (CSRF). An external attacker with no acc… |
CVE-2023-3453 | High | 7.1 | 2023-08-23 | ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network acc… |
CVE-2024-26155 | Medium | 6.8 | 2025-01-17 | All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS w… |
CVE-2022-41607 | Medium | 6.2 | 2022-11-10 | All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through… |
CVE-2024-26157 | Medium | 6.1 | 2025-01-17 | All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in get view method unde… |
CVE-2022-40981 | Medium | 5.9 | 2022-11-10 | All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to sto… |
CVE-2024-26156 | Medium | 4.8 | 2025-01-17 | All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in the method parameter… |
CVE-2024-26154 | Medium | 4.8 | 2025-01-17 | All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting in the appliance site name. The ETIC… |