Lucene search
+L

127 matches found

Cvelist
Cvelist
added 2025/01/17 4:12 p.m.14 views

CVE-2024-26156 ETIC Telecom Remote Access Server (RAS) Cross-site Scripting

All versions of ETIC Telecom Remote Access Server RAS prior to 4.5.0 are vulnerable to reflected cross site scripting XSS attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and reflects the input in its response to the client...

4.8CVSS0.00217EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/17 4:12 p.m.8 views

CVE-2024-26156 ETIC Telecom Remote Access Server (RAS) Cross-site Scripting

All versions of ETIC Telecom Remote Access Server RAS prior to 4.5.0 are vulnerable to reflected cross site scripting XSS attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and reflects the input in its response to the client...

4.8CVSS6.1AI score0.00217EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.8 views

ETIC Telecom Remote Access Server 跨站脚本漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to remotely maintain automated equipment. A cross-site scripting vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which...

6.1CVSS6AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.5 views

ETIC Telecom Remote Access Server 跨站请求伪造漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from ETIC Telecom, France. It is designed to enable manufacturers to remotely maintain automated equipment. A cross-site request forgery vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.9.19, which ste...

7.4CVSS6.5AI score0.0017EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/17 12:0 a.m.6 views

PT-2025-2390 · Etic Telecom · Etic Telecom Remote Access Server

Name of the Vulnerable Software and Affected Versions: ETIC Telecom Remote Access Server RAS versions prior to 4.5.0 Description: The issue concerns reflected cross-site scripting in the appliance site name. The ETIC RAS web server saves the site name and then presents it to the administrators in...

6.1CVSS6.3AI score0.00217EPSS
Exploits0References6
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.5 views

ETIC Telecom Remote Access Server 跨站脚本漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to remotely maintain automated equipment. A cross-site scripting vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which...

6.1CVSS5.7AI score0.00224EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.4 views

ETIC Telecom Remote Access Server 跨站脚本漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to remotely maintain automated equipment. A cross-site scripting vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which...

6.1CVSS5.7AI score0.00217EPSS
Exploits0References2
CNNVD
CNNVD
added 2025/01/17 12:0 a.m.6 views

ETIC Telecom Remote Access Server 安全漏洞

ETIC Telecom Remote Access Server is a remote maintenance solution from the French company ETIC Telecom. It is designed to enable manufacturers to maintain automated equipment remotely. A security vulnerability exists in ETIC Telecom Remote Access Server versions prior to 4.5.0, which stems from...

8.6CVSS6.5AI score0.00231EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/01/17 12:0 a.m.5 views

PT-2025-2389 · Etic Telecom · Etic Telecom Remote Access Server

Name of the Vulnerable Software and Affected Versions: ETIC Telecom Remote Access Server RAS versions prior to 4.9.19 Description: The issue allows an external attacker with no access to the device to force the end user into submitting a "setconf" method request, which can lead to denial of servi...

7.4CVSS6.5AI score0.0017EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2025/01/17 12:0 a.m.5 views

PT-2025-2391 · Etic Telecom · Etic Telecom Remote Access Server

Name of the Vulnerable Software and Affected Versions: ETIC Telecom Remote Access Server RAS versions prior to 4.5.0 Description: The issue exposes clear text credentials in the web portal. An attacker can access the ETIC RAS web portal, view the HTML code, and establish a connection to the ETIC...

8.6CVSS6.8AI score0.00231EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2025/01/17 12:0 a.m.5 views

PT-2025-2393 · Etic Telecom · Etic Telecom Remote Access Server

Name of the Vulnerable Software and Affected Versions: ETIC Telecom Remote Access Server RAS versions prior to 4.5.0 Description: The issue concerns reflected cross site scripting XSS attacks. This occurs in the get view method under the view parameter. The ETIC RAS web server uses dynamic pages...

6.1CVSS5.5AI score0.00224EPSS
Exploits0References6
CNNVD
CNNVD
added 2024/04/29 12:0 a.m.35 views

Secomea GateManager 安全漏洞

Secomea GateManager is a remote access server product from Secomea, Denmark. A security vulnerability exists in versions prior to Secomea GateManager 11.2.624095033, which stems from the presence of a buffer overflow vulnerability...

8.2CVSS7.2AI score0.00456EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/08/23 12:0 a.m.7 views

ETIC Telecom RAS 安全漏洞

ETIC Telecom RAS is a series of telecom remote access servers from the French company ETIC Telecom. A security vulnerability exists in ETIC Telecom RAS version 4.7.0 and prior versions, which stems from disabling Web management portal authentication by default, allowing an attacker with access to...

8.1CVSS7.8AI score0.0029EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/04/19 12:0 a.m.6 views

Secomea GateManager 安全漏洞

Secomea GateManager is a remote access server product from Secomea, Denmark. A security vulnerability exists in Secomea GateManager that stems from a password plaintext storage vulnerability...

8.8CVSS8AI score0.0017EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/16 12:0 a.m.8 views

The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in Microsoft Windows allows a hacker to execute arbitrary code.

The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in Microsoft Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted connection request to the...

8.1CVSS8AI score0.01464EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/16 12:0 a.m.8 views

The vulnerability of the Layer 2 Tunneling Protocol (L2TP) implementation in Microsoft Windows allows a hacker to execute arbitrary code.

The vulnerability of the Layer 2 Tunneling Protocol L2TP implementation in Microsoft Windows operating systems relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a specially crafted connection request to the...

8.1CVSS8AI score0.01103EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/01/13 12:0 a.m.10 views

The vulnerability in the implementation of the Secure Socket Tunneling Protocol (SSTP) on Microsoft Windows operating systems allows a hacker to execute arbitrary code.

The vulnerability of the Secure Socket Tunneling Protocol SSTP implementation in Microsoft Windows operating systems is related to synchronization errors when using a common resource. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted...

8.1CVSS8AI score0.01084EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.2 views

PT-2023-1024 · Microsoft · Windows Secure Socket Tunneling Protocol +1

Name of the Vulnerable Software and Affected Versions: Windows Secure Socket Tunneling Protocol SSTP affected versions not specified Description: The issue is related to errors in synchronization when using a shared resource in the implementation of the Secure Socket Tunneling Protocol SSTP in...

8.1CVSS8.4AI score0.01084EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2023/01/10 12:0 a.m.2 views

PT-2023-1045 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to the implementation of the Layer 2 Tunneling Protocol L2TP in Microsoft Windows, specifically involving the use of memory after it has been freed. This can be exploit...

8.1CVSS8.6AI score0.01103EPSS
Exploits0References13
OSV
OSV
added 2022/11/10 10:15 p.m.6 views

CVE-2022-41607

All versions of ETIC Telecom Remote Access Server RAS 4.5.0 and prior’s application programmable interface API is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords,...

7.5CVSS5.8AI score0.00952EPSS
Exploits0References1
Rows per page
Query Builder