Lucene search

M!Dge Firmware Security Vulnerabilities

cve

CVE-2021-20067

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.

5.3CVSS

5.2AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20068

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.

4.8CVSS

5AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20069

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.

4.8CVSS

4.9AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20070

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.

4.8CVSS

5.1AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20071

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.

4.8CVSS

5.1AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20072

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.

7.2CVSS

6.8AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20073

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.

8.8CVSS

8.6AI Score

0.001EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20074

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.

8.8CVSS

8.9AI Score

0.002EPSS

2021-02-16 08:15 PM

cve

CVE-2021-20075

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.

7.8CVSS

7.8AI Score

0.0004EPSS

2021-02-16 08:15 PM