Vulnerabilities

CVE-2024-26153

by Fred · 17/01/2025

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19
are vulnerable to cross-site request forgery (CSRF). An external
attacker with no access to the device can force the end user into
submitting a “setconf” method request, not requiring any CSRF token,
which can lead into denial of service on the device.

More information : https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01

Similar

Tags: Cybersecurity Alert