Vulnerability Details CVE-2022-3703
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 16.4%
CVSS Severity
CVSS v3 Score 7.6
References
Products affected by CVE-2022-3703
-
cpe:2.3:h:etictelecom:ras-c-100-lw:-
-
cpe:2.3:h:etictelecom:ras-e-100:-
-
cpe:2.3:h:etictelecom:ras-e-220:-
-
cpe:2.3:h:etictelecom:ras-e-400:-
-
cpe:2.3:h:etictelecom:ras-ec-220-lw:-
-
cpe:2.3:h:etictelecom:ras-ec-400-lw:-
-
cpe:2.3:h:etictelecom:ras-ec-480-lw:-
-
cpe:2.3:h:etictelecom:ras-ecw-220-lw:-
-
cpe:2.3:h:etictelecom:ras-ecw-400-lw:-
-
cpe:2.3:h:etictelecom:ras-ew-100:-
-
cpe:2.3:h:etictelecom:ras-ew-220:-
-
cpe:2.3:h:etictelecom:ras-ew-400:-
-
cpe:2.3:h:etictelecom:rfm-e:-
-
cpe:2.3:o:etictelecom:remote_access_server_firmware:4.5.0