CVE-2024-26155

MEDIUM Year: 2024
CVSS v3 Score
6.8
Medium
Weakness Type
CWE-319
View all →

Vulnerability Description

All versions of ETIC Telecom Remote Access Server (RAS) prior to 4.5.0 expose clear text credentials in the web portal. An attacker can access the ETIC RAS web portal and view the HTML code, which is configured to be hidden, thus allowing a connection to the ETIC RAS ssh server, which could enable an attacker to perform actions on the device.

Related Vulnerabilities

CVE-2019-14808

MEDIUM
CVSS:6.8(Medium)

An issue was discovered in the RENPHO application 3.0.0 for iOS. It transmits JSON data unencrypted to a server without an integrity check, if a user changes personal data in his profile tab (e.g., ex...

CWE-3192019

CVE-2020-4152

MEDIUM
CVSS:6.8(Medium)

IBM QRadar Network Security 5.4.0 and 5.5.0 transmits sensitive or security-critical data in cleartext in a communication channel that can be obtained using man in the middle techniques. IBM X-Force I...

CWE-3192020

CVE-2020-4397

MEDIUM
CVSS:6.8(Medium)

IBM Verify Gateway (IVG) 1.0.0 and 1.0.1 transmits sensitive information in plain text which could be obtained by an attacker using man in the middle techniques. IBM X-Force ID: 179428.

CWE-3192020

CVE-2021-20169

MEDIUM
CVSS:6.8(Medium)

Netgear RAX43 version 1.0.3.96 does not utilize secure communications to the web interface. By default, all communication to/from the device is sent via HTTP, which causes potentially sensitive inform...

CWE-3192021

CVE-2021-44518

MEDIUM
CVSS:6.8(Medium)

An issue was discovered in the eGeeTouch 3rd Generation Travel Padlock application for Android. The lock sends a pairing code before each operation (lock or unlock) activated via the companion app. Th...

CWE-3192021

CVE-2022-21951

MEDIUM
CVSS:6.8(Medium)

A Cleartext Transmission of Sensitive Information vulnerability in SUSE Rancher, Rancher allows attackers on the network to read and change network data due to missing encryption of data transmitted v...

CWE-3192022