VYPR

MIDGE Firmware

by Racom

CVEs (9)

  • CVE-2021-20074HigFeb 16, 2021
    risk 0.57cvss 8.8epss 0.01

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.

  • CVE-2021-20073HigFeb 16, 2021
    risk 0.57cvss 8.8epss 0.00

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.

  • CVE-2021-20075HigFeb 16, 2021
    risk 0.51cvss 7.8epss 0.00

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.

  • CVE-2021-20072HigFeb 16, 2021
    risk 0.47cvss 7.2epss 0.01

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.

  • CVE-2021-20067MedFeb 16, 2021
    risk 0.35cvss 5.3epss 0.01

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.

  • CVE-2021-20071MedFeb 16, 2021
    risk 0.31cvss 4.8epss 0.00

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.

  • CVE-2021-20070MedFeb 16, 2021
    risk 0.31cvss 4.8epss 0.00

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.

  • CVE-2021-20069MedFeb 16, 2021
    risk 0.31cvss 4.8epss 0.00

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.

  • CVE-2021-20068MedFeb 16, 2021
    risk 0.31cvss 4.8epss 0.00

    Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.