PT-2022-25651 · Etic Telecom · Etic Telecom Remote Access Server

Published: 2022-11-10 · Updated: 2024-09-17 · CVE-2022-40981

CVSS v3.1: 10 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: ETIC Telecom Remote Access Server (RAS) versions 4.5.0 and prior

Description: The issue allows for malicious file upload, which an attacker could exploit to store malicious files on the server. This could result in overriding sensitive files on the filesystem, filling the hard disk to full capacity, or compromising the affected device or connected computers with administrator-level privileges.

Recommendations: For versions 4.5.0 and prior, consider disabling file upload functionality until a patch is available to prevent malicious file uploads. Restrict access to sensitive files and directories on the server to minimize the risk of exploitation.

Fix

Unrestricted File Upload

Weakness Enumeration

Related Identifiers

CVE-2022-40981

Affected Products

Etic Telecom Remote Access Server