{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-17T03:15:35.960","vulnerabilities":[{"cve":{"id":"CVE-2022-41607","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2022-11-10T22:15:15.323","lastModified":"2024-11-21T07:23:28.887","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more."},{"lang":"es","value":"Todas las versiones de ETIC Telecom Remote Access Server (RAS) 4.5.0 y la interfaz programable de aplicaciones (API) anterior son vulnerables a directory traversal a través de varios métodos diferentes. Esto podría permitir a un atacante leer archivos confidenciales del servidor, incluidas claves privadas SSH, contraseñas, scripts, objetos Python, archivos de bases de datos y más."}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N","baseScore":6.2,"baseSeverity":"MEDIUM","attackVector":"ADJACENT_NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":1.7,"impactScore":4.0},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N","baseScore":7.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE"},"exploitabilityScore":3.9,"impactScore":3.6}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-22"}]}],"configurations":[{"operator":"AND","nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:etictelecom:remote_access_server_firmware:*:*:*:*:*:*:*:*","versionEndIncluding":"4.5.0","matchCriteriaId":"7AE4F7CD-BE37-40B5-9A53-39B42CD17EF5"}]},{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-c-100-lw:-:*:*:*:*:*:*:*","matchCriteriaId":"5DAE45DD-78EE-4ACB-A1E5-C190BE642BDF"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-e-100:-:*:*:*:*:*:*:*","matchCriteriaId":"93F02AE2-6AC3-492E-9E91-E9F0725A1EEB"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-e-220:-:*:*:*:*:*:*:*","matchCriteriaId":"C32ED13F-237B-441C-8032-F54615AEFC73"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-e-400:-:*:*:*:*:*:*:*","matchCriteriaId":"86536932-B27A-4028-829D-2924CD431C54"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ec-220-lw:-:*:*:*:*:*:*:*","matchCriteriaId":"52E2D325-0AE3-4459-9F27-5CC19349F060"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ec-400-lw:-:*:*:*:*:*:*:*","matchCriteriaId":"DB8D1AA9-42C0-4546-A02E-91B3D7A8AD4B"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ec-480-lw:-:*:*:*:*:*:*:*","matchCriteriaId":"50EEA797-3218-44FE-8D93-178C40F4BF17"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ecw-220-lw:-:*:*:*:*:*:*:*","matchCriteriaId":"E768A79E-BBFD-47C1-8535-1F721D92575C"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ecw-400-lw:-:*:*:*:*:*:*:*","matchCriteriaId":"F1D86798-3C5F-40A9-BF41-0602F78A027B"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ew-100:-:*:*:*:*:*:*:*","matchCriteriaId":"D12CC48E-6DAC-4412-9068-04B774540500"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ew-220:-:*:*:*:*:*:*:*","matchCriteriaId":"7D7A25F4-412A-4D16-922F-1219B86E31A0"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:ras-ew-400:-:*:*:*:*:*:*:*","matchCriteriaId":"32675A39-A1B3-4773-902A-6E6F8A72D16D"},{"vulnerable":false,"criteria":"cpe:2.3:h:etictelecom:rfm-e:-:*:*:*:*:*:*:*","matchCriteriaId":"B7543976-5400-4A9E-8E62-CB65FD00D0E1"}]}]}],"references":[{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01","source":"ics-cert@hq.dhs.gov","tags":["Patch","Third Party Advisory","US Government Resource"]},{"url":"https://www.cisa.gov/uscert/ics/advisories/icsa-22-307-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory","US Government Resource"]}]}}]}