Security Advisory

CVE-2024-26153

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-17 16:23:10

Last updated 2025-01-21 14:45:48

Assigner icscert

State PUBLISHED

Description

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.9.19 are vulnerable to cross-site request forgery (CSRF). An external attacker with no access to the device can force the end user into submitting a "setconf" method request, not requiring any CSRF token, which can lead into denial of service on the device.

← Browse all CVEs View on cve.org ↗