Описание
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
Ссылки
- PatchThird Party AdvisoryUS Government Resource
- PatchThird Party AdvisoryUS Government Resource
Уязвимые конфигурации
Конфигурация 1Версия до 4.7.0 (включая)
Одновременно
cpe:2.3:o:etictelecom:remote_access_server_firmware:*:*:*:*:*:*:*:*
Одно из
cpe:2.3:h:etictelecom:ras-c-100-lw:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-e-100:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-e-220:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-e-400:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ec-220-lw:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ec-400-lw:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ec-480-lw:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ecw-220-lw:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ecw-400-lw:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ew-100:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ew-220:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:ras-ew-400:-:*:*:*:*:*:*:*
cpe:2.3:h:etictelecom:rfm-e:-:*:*:*:*:*:*:*
EPSS
Процентиль: 9%
0.00032
Низкий
7.1 High
CVSS3
8.1 High
CVSS3
Дефекты
CWE-1188
Связанные уязвимости
CVSS3: 7.1
github
больше 2 лет назад
ETIC Telecom RAS versions 4.7.0 and prior the web management portal authentication disabled by default. This could allow an attacker with adjacent network access to alter the configuration of the device or cause a denial-of-service condition.
EPSS
Процентиль: 9%
0.00032
Низкий
7.1 High
CVSS3
8.1 High
CVSS3
Дефекты
CWE-1188