All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s web portal is vulnerable to accepting malicious firmware packages that could provide a backdoor to an attacker and provide privilege escalation to the device.
The product does not sufficiently verify the origin or authenticity of data, in a way that causes it to accept invalid data.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Remote_access_server_firmware | Etictelecom | * | 4.5.0 (including) |