CVE-2024-26155

Medium

Published: 17 January 2025

Published

17 January 2025

Modified

30 July 2025

KEV Added

—

Patch

—

CVSS Score 6.8 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

EPSS Score 0.0005 15.6th percentile

Risk Priority 14 60% EPSS · 20% KEV · 20% CVSS

Description

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS ssh server, which could enable an attacker to perform actions on the device.

Security Summary

CVE-2024-26155 is a vulnerability in all versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 that exposes cleartext credentials within the web portal. The HTML code containing these credentials is configured to be hidden, but an attacker can access the ETIC RAS web portal and view the source code to obtain them. This issue corresponds to CWE-319 (Cleartext Transmission of Sensitive Information) and has a CVSS v3.1 base score of 6.8 (AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

An attacker with network access and high privileges can exploit this vulnerability by accessing the web portal, inspecting the hidden HTML code to retrieve the cleartext credentials, and then using them to connect to the ETIC RAS SSH server. Successful exploitation enables the attacker to perform actions on the device, resulting in high confidentiality impact with a changed scope due to the credential exposure.

The CISA advisory ICSA-22-307-01 provides details on this vulnerability, and mitigation involves upgrading to ETIC Telecom RAS version 4.5.0 or later, which addresses the exposure of credentials in the web portal.

Details

CWE(s): CWE-319

Affected Products

etictelecom

remote access server firmware

≤ 4.5.0

References

https://www.cisa.gov/news-events/ics-advisories/icsa-22-307-01
Third Party Advisory, US Government Resource · ics-cert@hq.dhs.gov