Vulnerabilities > CVE-2022-3703 - Unspecified vulnerability in Etictelecom Remote Access Server Firmware 4.5.0

CVSS 10.0 - CRITICAL

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

network

low complexity

etictelecom

critical

NVD

Published: 2022-11-10

Updated: 2024-11-21

Summary

All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.

Vulnerable Configurations

Part	Description	Count
OS	Etictelecom Etictelecom Remote Access Server Firmware 4.5.0	1
Hardware	Etictelecom Etictelecom RAS C 100 LW - Etictelecom RAS E 100 - Etictelecom RAS E 220 - Etictelecom RAS E 400 - Etictelecom RAS EC 220 LW - Etictelecom RAS EC 400 LW - Etictelecom RAS EC 480 LW - Etictelecom RAS ECW 220 LW - Etictelecom RAS ECW 400 LW - Etictelecom RAS EW 100 - Etictelecom RAS EW 220 - Etictelecom RAS EW 400 - Etictelecom RFM E -	13

Summary

Vulnerable Configurations

References