CVE-2024-26153
All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19
are vulnerable to cross-site request forgery (CSRF). An external
attacker with no access to the device can force the end user into
submitting a "setconf" method request, not requiring any CSRF token,
which can lead into denial of service on the device.
are vulnerable to cross-site request forgery (CSRF). An external
attacker with no access to the device can force the end user into
submitting a "setconf" method request, not requiring any CSRF token,
which can lead into denial of service on the device.
Vendor
Product
CWE
Yayın Tarihi
2025-01-17 17:15:10
Güncelleme
2025-07-30 17:15:26
Source Identifier
ics-cert@hq.dhs.gov
KEV Date Added
-