Vulnerabilities > Etictelecom

DATE CVE VULNERABILITY TITLE RISK
2023-08-23 CVE-2023-3453 Insecure Default Initialization of Resource vulnerability in Etictelecom Remote Access Server Firmware 4.5.0/4.7.0
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default.
low complexity
etictelecom CWE-1188
8.1
2022-11-10 CVE-2022-3703 Insufficient Verification of Data Authenticity vulnerability in Etictelecom Remote Access Server Firmware 4.5.0
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
network
low complexity
etictelecom CWE-345
critical
10.0
2022-11-10 CVE-2022-40981 Unrestricted Upload of File with Dangerous Type vulnerability in Etictelecom Remote Access Server Firmware 4.5.0
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload.
network
low complexity
etictelecom CWE-434
critical
10.0
2022-11-10 CVE-2022-41607 Path Traversal vulnerability in Etictelecom Remote Access Server Firmware 4.5.0
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through several different methods.
network
low complexity
etictelecom CWE-22
7.5