Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.
5.3CVSS
5.2AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.
4.8CVSS
5AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.
4.8CVSS
4.9AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.
4.8CVSS
5.1AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.
4.8CVSS
5.1AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.
7.2CVSS
6.8AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.
8.8CVSS
8.6AI Score
0.001EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.
8.8CVSS
8.9AI Score
0.002EPSS
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.
7.8CVSS
7.8AI Score
0.0004EPSS