All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0
are vulnerable to reflected cross site scripting (XSS) attacks in the
method parameter. The ETIC RAS web server uses dynamic pages that gets
their input from the client side and reflects the input in its response
to the client.
Metrics
Affected Vendors & Products
References
History
Wed, 30 Jul 2025 17:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Etictelecom
Etictelecom remote Access Server Firmware |
|
CPEs | cpe:2.3:o:etictelecom:remote_access_server_firmware:*:*:*:*:*:*:*:* | |
Vendors & Products |
Etictelecom
Etictelecom remote Access Server Firmware |
Tue, 21 Jan 2025 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Fri, 17 Jan 2025 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 are vulnerable to reflected cross site scripting (XSS) attacks in the method parameter. The ETIC RAS web server uses dynamic pages that gets their input from the client side and reflects the input in its response to the client. | |
Title | ETIC Telecom Remote Access Server (RAS) Cross-site Scripting | |
Weaknesses | CWE-79 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: icscert
Published: 2025-01-17T16:12:26.288Z
Updated: 2025-01-21T15:05:56.805Z
Reserved: 2024-02-14T22:03:32.381Z
Link: CVE-2024-26156

Updated: 2025-01-21T15:05:53.201Z

Status : Analyzed
Published: 2025-01-17T17:15:11.533
Modified: 2025-07-30T17:01:46.600
Link: CVE-2024-26156

No data.