CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-26153

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 are vulnerable to cross-site request forgery (CSRF). An external attacker with no access to the device can force the end user into submitting a "setconf" method request, not requiring any CSRF token, which can lead into denial of service on the device.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 11.6%

CVSS Severity

CVSS v3 Score 7.4

References

https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01

Products affected by CVE-2024-26153

Etictelecom » Remote Access Server Firmware » Version: 4.5.0

cpe:2.3:o:etictelecom:remote_access_server_firmware:4.5.0
Etictelecom » Remote Access Server Firmware » Version: 4.7.0

cpe:2.3:o:etictelecom:remote_access_server_firmware:4.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-26153

Products

Pricing

Contact Us