Racom Midge Firmware
by Chatwoot
CVEs (9)
| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2021-20072 | 0.00 | — | 0.02 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral. | ||
| CVE-2021-20071 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs. | ||
| CVE-2021-20070 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs. | ||
| CVE-2021-20075 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd. | ||
| CVE-2021-20074 | 0.00 | — | 0.01 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands. | ||
| CVE-2021-20073 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries. | ||
| CVE-2021-20069 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs. | ||
| CVE-2021-20068 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages. | ||
| CVE-2021-20067 | 0.00 | — | 0.00 | Feb 16, 2021 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication. |
- CVE-2021-20072Feb 16, 2021risk 0.00cvss —epss 0.02
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.
- CVE-2021-20071Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.
- CVE-2021-20070Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.
- CVE-2021-20075Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.
- CVE-2021-20074Feb 16, 2021risk 0.00cvss —epss 0.01
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.
- CVE-2021-20073Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.
- CVE-2021-20069Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.
- CVE-2021-20068Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.
- CVE-2021-20067Feb 16, 2021risk 0.00cvss —epss 0.00
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.