All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior is vulnerable to malicious file upload. An attacker could take advantage of this to store malicious files on the server, which could override sensitive and useful existing files on the filesystem, fill the hard disk to full capacity, or compromise the affected device or computers with administrator level privileges connected to the affected device.
References
Link | Resource |
---|---|
https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01 | Patch Third Party Advisory US Government Resource |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: icscert
Published: 2022-11-03T00:00:00
Updated: 2023-08-23T16:09:26.867Z
Reserved: 2022-09-29T00:00:00
Link: CVE-2022-40981
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-11-10T22:15:15.113
Modified: 2023-12-28T19:14:27.900
Link: CVE-2022-40981
JSON object: View
Redhat Information
No data.
CWE