Vulnerabilites related to ETIC Telecom - Remote Access Server (RAS)
cve-2024-26157
Vulnerability from cvelistv5
Published
2025-01-17 16:14
Modified
2025-01-21 15:04
Severity ?
6.1 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
5.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0
are vulnerable to reflected cross site scripting (XSS) attacks in get
view method under view parameter. The ETIC RAS web server uses dynamic
pages that get their input from the client side and reflect the input in
their response to the client.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < 4.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26157",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T15:04:28.693023Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T15:04:39.958Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThan": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross site scripting (XSS) attacks in get \nview method under view parameter. The ETIC RAS web server uses dynamic \npages that get their input from the client side and reflect the input in\n their response to the client."
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross site scripting (XSS) attacks in get \nview method under view parameter. The ETIC RAS web server uses dynamic \npages that get their input from the client side and reflect the input in\n their response to the client."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T16:14:43.418Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "This issue has been fixed in version 4.5.0. Update to firmware version \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003e4.5.0\u003c/a\u003e and above.\n\n\u003cbr\u003e"
}
],
"value": "This issue has been fixed in version 4.5.0. Update to firmware version 4.5.0 https://www.etictelecom.com/en/softwares-download/ and above."
}
],
"source": {
"advisory": "ICSA-22-307-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server (RAS) Cross-site Scripting",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-26157",
"datePublished": "2025-01-17T16:14:43.418Z",
"dateReserved": "2024-02-14T22:03:32.381Z",
"dateUpdated": "2025-01-21T15:04:39.958Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-41607
Vulnerability from cvelistv5
Published
2022-11-10 21:31
Modified
2024-10-15 17:13
Severity ?
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:49:43.447Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-41607",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-15T17:09:18.602933Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T17:13:11.103Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThanOrEqual": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-11-03T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more.\u003c/p\u003e"
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Path Traversal",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T16:09:58.159Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eETIC Telecom recommends updating the firmware of the affected devices to the following versions:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eETIC Telecom RAS: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003eversion 4.7.0 or later\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003eFor the installed devices, ETIC Telecom recommends:\u003cul\u003e\u003cli\u003eThis issue has been fixed in version 4.7.0. For versions prior to 4.7.0, to reduce the attack surface, we advise the user to verify in the router configuration that: (1) The administration web page is accessible only through the LAN side over HTTPS, and (2) The administration web page is protected with authentication.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "ETIC Telecom recommends updating the firmware of the affected devices to the following versions:\n\n\n * ETIC Telecom RAS: version 4.7.0 or later https://www.etictelecom.com/en/softwares-download/ \n\n\n\n\nFor the installed devices, ETIC Telecom recommends: * This issue has been fixed in version 4.7.0. For versions prior to 4.7.0, to reduce the attack surface, we advise the user to verify in the router configuration that: (1) The administration web page is accessible only through the LAN side over HTTPS, and (2) The administration web page is protected with authentication."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server Path Traversal",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-41607",
"datePublished": "2022-11-10T21:31:26.863838Z",
"dateReserved": "2022-09-29T00:00:00",
"dateUpdated": "2024-10-15T17:13:11.103Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26154
Vulnerability from cvelistv5
Published
2025-01-17 16:17
Modified
2025-01-21 14:56
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
4.8 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0
are vulnerable to reflected cross site scripting in the appliance site
name. The ETIC RAS web server saves the site name and then presents it
to the administrators in a few different pages.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < 4.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26154",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:55:51.814303Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:56:13.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThan": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross site scripting in the appliance site \nname. The ETIC RAS web server saves the site name and then presents it \nto the administrators in a few different pages."
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross site scripting in the appliance site \nname. The ETIC RAS web server saves the site name and then presents it \nto the administrators in a few different pages."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T16:17:10.899Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For all firmware versions \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003e4.5.0\u003c/a\u003e and above, this issue is fixed."
}
],
"value": "For all firmware versions 4.5.0 https://www.etictelecom.com/en/softwares-download/ and above, this issue is fixed."
}
],
"source": {
"advisory": "ICSA-22-307-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server (RAS) Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For versions prior to 4.5.0, to reduce the attack surface, ETIC Telecom \nadvise the user to verify in the router configuration that: (1) The \nadministration web page is accessible only through the LAN side over \nHTTPS, and (2) The administration web page is protected with \nauthentication.\n\n\u003cbr\u003e"
}
],
"value": "For versions prior to 4.5.0, to reduce the attack surface, ETIC Telecom \nadvise the user to verify in the router configuration that: (1) The \nadministration web page is accessible only through the LAN side over \nHTTPS, and (2) The administration web page is protected with \nauthentication."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-26154",
"datePublished": "2025-01-17T16:17:10.899Z",
"dateReserved": "2024-02-14T22:03:32.380Z",
"dateUpdated": "2025-01-21T14:56:13.407Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2023-3453
Vulnerability from cvelistv5
Published
2023-08-23 21:14
Modified
2024-09-30 19:13
Severity ?
EPSS score ?
Summary
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:55:03.492Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-3453",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-30T19:09:13.772804Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-30T19:13:47.408Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThanOrEqual": "4.7.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haviv Vaizman of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Hay Mizrachi of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Alik Koldobsky of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Ofir Manzur of OTORIO"
},
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Nikolay Sokolik of OTORIO"
}
],
"datePublic": "2023-07-27T19:05:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.\u003c/span\u003e\n\n"
}
],
"value": "\nETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.\n\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1188",
"description": "CWE-1188 Insecure Default Initialization of Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T21:14:17.553Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-208-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Update to\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eETIC Telecom RAS: \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003eversion 4.9.0 or later\u003c/a\u003e"
}
],
"value": "Update to\u00a0ETIC Telecom RAS: version 4.9.0 or later https://www.etictelecom.com/en/softwares-download/ "
}
],
"source": {
"advisory": "ICSA-23-208-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Insecure Default Initialization of Resource",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\u003cp\u003eETIC Telecom recommends enabling the authentication mechanism on the administration interface. This can be done on the page \u201c\u0026gt; Setup \u0026gt; Security \u0026gt; Administration right\u201d by creating an administrator on the \u201cList of administrators\u201d table, enabling the parameter \u201cPassword protect the configuration interface,\u201d then setting the parameter \u201cProtocols to use for configuration\u201d to \u201cHTTPs only\u201d.\u003c/p\u003e\u003cp\u003eNOTE: for firmware versions 4.9.0 or later, enabling the administration protection is mandatory after the first product start.\u003c/p\u003e\n\n\u003cbr\u003e"
}
],
"value": "\nETIC Telecom recommends enabling the authentication mechanism on the administration interface. This can be done on the page \u201c\u003e Setup \u003e Security \u003e Administration right\u201d by creating an administrator on the \u201cList of administrators\u201d table, enabling the parameter \u201cPassword protect the configuration interface,\u201d then setting the parameter \u201cProtocols to use for configuration\u201d to \u201cHTTPs only\u201d.\n\nNOTE: for firmware versions 4.9.0 or later, enabling the administration protection is mandatory after the first product start.\n\n\n\n\n"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2023-3453",
"datePublished": "2023-08-23T21:14:17.553Z",
"dateReserved": "2023-06-28T20:05:19.353Z",
"dateUpdated": "2024-09-30T19:13:47.408Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-40981
Vulnerability from cvelistv5
Published
2022-11-10 21:31
Modified
2024-09-16 23:40
Severity ?
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T12:28:42.952Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThanOrEqual": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"datePublic": "2022-11-03T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device.\u003c/p\u003e"
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-434",
"description": "CWE-434 Unrestricted Upload of File with Dangerous Type",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T16:09:26.867Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eETIC Telecom recommends updating the firmware of the affected devices to the following versions:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eETIC Telecom RAS: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003eversion 4.7.0 or later\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor the installed devices, ETIC Telecom recommends:\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cspan style=\"background-color: var(--wht);\"\u003eFor all firmware versions 4.7.0 and above, only valid configuration files can be uploaded to the device. For versions prior to 4.7.0, to reduce the attack surface, we advise the user to verify in the router configuration that: (1) The administration web page is accessible only through the LAN side over HTTPS, and (2) The administration web page is protected with authentication.\u003c/span\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "ETIC Telecom recommends updating the firmware of the affected devices to the following versions:\n\n\n * ETIC Telecom RAS: version 4.7.0 or later https://www.etictelecom.com/en/softwares-download/ \n\n\n\n\nFor the installed devices, ETIC Telecom recommends:\n\n * For all firmware versions 4.7.0 and above, only valid configuration files can be uploaded to the device. For versions prior to 4.7.0, to reduce the attack surface, we advise the user to verify in the router configuration that: (1) The administration web page is accessible only through the LAN side over HTTPS, and (2) The administration web page is protected with authentication."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server Unrestricted Upload of File with Dangerous Type",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-40981",
"datePublished": "2022-11-10T21:31:47.402130Z",
"dateReserved": "2022-09-29T00:00:00",
"dateUpdated": "2024-09-16T23:40:42.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26153
Vulnerability from cvelistv5
Published
2025-01-17 16:23
Modified
2025-01-21 14:45
Severity ?
7.4 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H
6.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
6.3 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19
are vulnerable to cross-site request forgery (CSRF). An external
attacker with no access to the device can force the end user into
submitting a "setconf" method request, not requiring any CSRF token,
which can lead into denial of service on the device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < 4.9.19 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26153",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:45:38.200840Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:45:48.666Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThan": "4.9.19",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 \nare vulnerable to cross-site request forgery (CSRF). An external \nattacker with no access to the device can force the end user into \nsubmitting a \"setconf\" method request, not requiring any CSRF token, \nwhich can lead into denial of service on the device."
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 \nare vulnerable to cross-site request forgery (CSRF). An external \nattacker with no access to the device can force the end user into \nsubmitting a \"setconf\" method request, not requiring any CSRF token, \nwhich can lead into denial of service on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:N/VA:N/SC:N/SI:N/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T16:23:10.357Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "ETIC Telecom recommends updating the affected device firmware to version \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003e4.9.19\u003c/a\u003e or later."
}
],
"value": "ETIC Telecom recommends updating the affected device firmware to version 4.9.19 https://www.etictelecom.com/en/softwares-download/ or later."
}
],
"source": {
"advisory": "ICSA-22-307-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server (RAS) Cross-Site Request Forgery",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-26153",
"datePublished": "2025-01-17T16:23:10.357Z",
"dateReserved": "2024-02-14T22:03:32.379Z",
"dateUpdated": "2025-01-21T14:45:48.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26155
Vulnerability from cvelistv5
Published
2025-01-17 16:19
Modified
2025-01-21 14:55
Severity ?
6.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
6.1 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0
expose clear text credentials in the web portal. An attacker can access
the ETIC RAS web portal and view the HTML code, which is configured to
be hidden, thus allowing a connection to the ETIC RAS ssh server, which
could enable an attacker to perform actions on the device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < 4.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26155",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T14:55:21.343254Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T14:55:29.814Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThan": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nexpose clear text credentials in the web portal. An attacker can access \nthe ETIC RAS web portal and view the HTML code, which is configured to \nbe hidden, thus allowing a connection to the ETIC RAS ssh server, which \ncould enable an attacker to perform actions on the device."
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nexpose clear text credentials in the web portal. An attacker can access \nthe ETIC RAS web portal and view the HTML code, which is configured to \nbe hidden, thus allowing a connection to the ETIC RAS ssh server, which \ncould enable an attacker to perform actions on the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:N/VA:N/SC:H/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-319",
"description": "CWE-319 Cleartext Transmission of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T16:19:37.430Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For all firmware versions \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003e4.5.0\u003c/a\u003e and above, this issue is fixed."
}
],
"value": "For all firmware versions 4.5.0 https://www.etictelecom.com/en/softwares-download/ and above, this issue is fixed."
}
],
"source": {
"advisory": "ICSA-22-307-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server (RAS) Cleartext Transmission of Sensitive Information",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For versions prior to 4.5.0, to reduce the attack surface, ETIC Telecom \nadvise the user to verify in the router configuration that: (1) The \nadministration web page is accessible only through the LAN side over \nHTTPS, and (2) The administration web page is protected with \nauthentication.\n\n\u003cbr\u003e"
}
],
"value": "For versions prior to 4.5.0, to reduce the attack surface, ETIC Telecom \nadvise the user to verify in the router configuration that: (1) The \nadministration web page is accessible only through the LAN side over \nHTTPS, and (2) The administration web page is protected with \nauthentication."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-26155",
"datePublished": "2025-01-17T16:19:37.430Z",
"dateReserved": "2024-02-14T22:03:32.380Z",
"dateUpdated": "2025-01-21T14:55:29.814Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2022-3703
Vulnerability from cvelistv5
Published
2022-11-10 21:32
Modified
2024-09-16 22:45
Severity ?
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:20:57.038Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThanOrEqual": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA"
}
],
"datePublic": "2022-11-03T06:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAll versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.\u003c/p\u003e"
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior\u2019s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-345",
"description": "CWE-345 Insufficient Verification of Data Authenticity",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-08-23T16:11:43.290Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eETIC Telecom recommends updating the firmware of the affected devices to the following versions:\u003cbr\u003e\u003c/p\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003eETIC Telecom RAS: \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003eversion 4.7.0 or later\u003c/a\u003e\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eFor the installed devices, ETIC Telecom recommends:\u003c/p\u003e\u003cul\u003e\u003cli\u003eFor all firmware versions 4.7.0 and above, there is a code signature verification for firmware packages. For versions prior to 4.7.0, to reduce the attack surface, we advise the user to verify: (1) That the downloaded firmware comes from a trusted source (ETIC Telecom web site), and (2) The hash of the firmware files.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
}
],
"value": "ETIC Telecom recommends updating the firmware of the affected devices to the following versions:\n\n\n * ETIC Telecom RAS: version 4.7.0 or later https://www.etictelecom.com/en/softwares-download/ \n\n\n\n\nFor the installed devices, ETIC Telecom recommends:\n\n * For all firmware versions 4.7.0 and above, there is a code signature verification for firmware packages. For versions prior to 4.7.0, to reduce the attack surface, we advise the user to verify: (1) That the downloaded firmware comes from a trusted source (ETIC Telecom web site), and (2) The hash of the firmware files."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server Insufficient Verification of Data Authenticity",
"x_generator": {
"engine": "Vulnogram 0.0.9"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2022-3703",
"datePublished": "2022-11-10T21:32:01.836058Z",
"dateReserved": "2022-10-26T00:00:00",
"dateUpdated": "2024-09-16T22:45:58.872Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-26156
Vulnerability from cvelistv5
Published
2025-01-17 16:12
Modified
2025-01-21 15:05
Severity ?
4.8 (Medium) - CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
4.8 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
4.8 (Medium) - CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
EPSS score ?
Summary
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0
are vulnerable to reflected cross site scripting (XSS) attacks in the
method parameter. The ETIC RAS web server uses dynamic pages that gets
their input from the client side and reflects the input in its response
to the client.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ETIC Telecom | Remote Access Server (RAS) |
Version: 0 < 4.5.0 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-26156",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T15:05:01.771280Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T15:05:56.805Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Remote Access Server (RAS)",
"vendor": "ETIC Telecom",
"versions": [
{
"lessThan": "4.5.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Haviv Vaizman, Hay Mizrachi, Alik Koldobsky, Ofir Manzur, and Nikolay Sokolik of OTORIO reported these vulnerabilities to CISA."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross site scripting (XSS) attacks in the \nmethod parameter. The ETIC RAS web server uses dynamic pages that gets \ntheir input from the client side and reflects the input in its response \nto the client."
}
],
"value": "All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 \nare vulnerable to reflected cross site scripting (XSS) attacks in the \nmethod parameter. The ETIC RAS web server uses dynamic pages that gets \ntheir input from the client side and reflects the input in its response \nto the client."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
},
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"privilegesRequired": "HIGH",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Cross-site Scripting",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-17T16:12:26.288Z",
"orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"shortName": "icscert"
},
"references": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For all firmware versions \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.etictelecom.com/en/softwares-download/\"\u003e4.5.0\u003c/a\u003e\n and above, this issue is fixed. \u003cbr\u003e"
}
],
"value": "For all firmware versions 4.5.0 https://www.etictelecom.com/en/softwares-download/ \n and above, this issue is fixed."
}
],
"source": {
"advisory": "ICSA-22-307-01",
"discovery": "EXTERNAL"
},
"title": "ETIC Telecom Remote Access Server (RAS) Cross-site Scripting",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "To reduce the attack surface in \nversions prior to 4.5.0, ETIC Telecom advises users to verify in the \nrouter configuration that: (1) The administration web page is accessible\n only through the LAN side over HTTPS, and (2) The administration web \npage is protected with authentication.\n\n\n\n\u003cbr\u003e"
}
],
"value": "To reduce the attack surface in \nversions prior to 4.5.0, ETIC Telecom advises users to verify in the \nrouter configuration that: (1) The administration web page is accessible\n only through the LAN side over HTTPS, and (2) The administration web \npage is protected with authentication."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
"assignerShortName": "icscert",
"cveId": "CVE-2024-26156",
"datePublished": "2025-01-17T16:12:26.288Z",
"dateReserved": "2024-02-14T22:03:32.381Z",
"dateUpdated": "2025-01-21T15:05:56.805Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}