Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.
CVSS Score
7.2
EPSS Score
0.013
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.
CVSS Score
8.8
EPSS Score
0.001
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.
CVSS Score
8.8
EPSS Score
0.006
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.
CVSS Score
7.8
EPSS Score
0.0
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.
CVSS Score
5.3
EPSS Score
0.002
Published
2021-02-16
Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.
CVSS Score
4.8
EPSS Score
0.002
Published
2021-02-16