CVE-2024-26155

All versions of ETIC Telecom Remote Access Server RAS prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS ssh server, which could enable ...

CVE-2023-3453

ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition...

CVE-2023-3453

ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition...

PT-2023-24911 · Etic Telecom · Etic Telecom Ras

Name of the Vulnerable Software and Affected Versions: ETIC Telecom RAS versions 4.7.0 and prior Description: The web management portal authentication is disabled by default in the affected versions. This could allow an attacker with adjacent network access to alter the configuration of the devic...

ETIC Telecom RAS 安全漏洞

ETIC Telecom RAS is a series of telecom remote access servers from the French company ETIC Telecom. A security vulnerability exists in ETIC Telecom RAS version 4.7.0 and prior versions, which stems from disabling Web management portal authentication by default, allowing an attacker with access to...

ETIC Telecom RAS Authentication

1. EXECUTIVE SUMMARY CVSS v3 7.1 ATTENTION: Exploitable with adjacent access/low attack complexity Vendor: ETIC Telecom Equipment: Remote Access Server RAS Vulnerability: Insecure Default Initialization of Resource 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an...

Hardcoded credentials

All versions of ETIC Telecom Remote Access Server RAS 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full...

CISA Warns of Critical Vulnerabilities in 3 Industrial Control System Software

The U.S. Cybersecurity and Infrastructure Security Agency CISA has published three Industrial Control Systems ICS advisories about multiple vulnerabilities in software from ETIC Telecom, Nokia, and Delta Industrial Automation. Prominent among them is a set of three flaws affecting ETIC Telecom's...

ETIC Telecom Remote Access Server (RAS) (Update B)

1. EXECUTIVE SUMMARY --------- Begin Update A Part 1 of 5 --------- CVSS v3 7.6 ATTENTION: Exploitable remotely/low attack complexity --------- End Update A Part 1 of 5 --------- Vendor: ETIC Telecom Equipment: Remote Access Server RAS Vulnerabilities: Insufficient Verification of Data...