CVE-2022-41607EPSS p56.7%

CVE-2022-41607CVE-2022-41607

etictelecom / remote_access_server_firmware

Description

All versions of ETIC Telecom Remote Access Server (RAS) 4.5.0 and prior’s application programmable interface (API) is vulnerable to directory traversal through several different methods. This could allow an attacker to read sensitive files from the server, including SSH private keys, passwords, scripts, python objects, database files, and more.

Scoring

CVSS 6.2 ()
VectorCVSS:3.1/AV:A/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
EPSS0.95% probability of exploitation · percentile 56.7% · 2026-06-18T12:00:27Z
Last modified2026-06-17
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.