Aggregates CVE and security vulnerability intelligence across all racom-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting, vendor risk csrf, and vendor risk path handling and related problems; some flaws may lead to vendor impact session compromise and vendor impact file overwrite.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2021-20075 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd. | [email protected] | 7.8 | 0.04% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20074 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands. | [email protected] | 8.8 | 0.56% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20073 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries. | [email protected] | 8.8 | 0.07% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20072 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral. | [email protected] | 7.2 | 1.89% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20071 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs. | [email protected] | 4.8 | 0.21% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20070 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs. | [email protected] | 4.8 | 0.21% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20069 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs. | [email protected] | 4.8 | 0.21% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20068 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages. | [email protected] | 4.8 | 0.21% | 2021-02-16 | 2024-11-21 |
| CVE-2021-20067 | Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication. | [email protected] | 5.3 | 0.19% | 2021-02-16 | 2024-11-21 |