Vulnerabilities (CVE)

Filtered by vendor Etictelecom Subscribe

Filtered by product Ras-e-220

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-3453	1 Etictelecom	14 Ras-c-100-lw, Ras-e-100, Ras-e-220 and 11 more	2023-12-28	N/A	8.1 HIGH
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
CVE-2022-41607	1 Etictelecom	14 Ras-c-100-lw, Ras-e-100, Ras-e-220 and 11 more	2023-12-28	N/A	7.5 HIGH
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more.