Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
ETIC Telecom Remote Access Server Insufficient Verification of Data Authenticity
Vulnerability Description
All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
CVSS Information
CVSS:3.1/AV:A/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Vulnerability Type
对数据真实性的验证不充分
Vulnerability Title
ETIC Telecom Remote Access Server 数据伪造问题漏洞
Vulnerability Description
ETIC Telecom Remote Access Server是法国ETIC Telecom公司的一种远程维护解决方案。旨在使制造商远程即可维护自动化设备。 ETIC Telecom Remote Access Server(RAS) 4.5.0及以前版本存在数据伪造问题漏洞,该漏洞源于其网站门户容易接受为攻击者提供后门恶意固件包导致攻击者实现权限升级。
CVSS Information
N/A
Vulnerability Type
N/A