M\!dge_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
M\!dge_firmware
(Racom)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	9

Date	Id	Summary	Products	Score	Patch	Annotated
2021-02-16	CVE-2021-20067	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to view sensitive syslog events without authentication.	M\!dge_firmware	5.3
2021-02-16	CVE-2021-20068	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the error handling functionality of web pages.	M\!dge_firmware	4.8
2021-02-16	CVE-2021-20069	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scripting attacks via the regionalSettings.php dialogs.	M\!dge_firmware	4.8
2021-02-16	CVE-2021-20070	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the virtualization.php dialogs.	M\!dge_firmware	4.8
2021-02-16	CVE-2021-20071	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to conduct cross-site scriptings attacks via the sms.php dialogs.	M\!dge_firmware	4.8
2021-02-16	CVE-2021-20072	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows attackers to arbitrarily access and delete files via an authenticated directory traveral.	M\!dge_firmware	7.2
2021-02-16	CVE-2021-20073	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for cross-site request forgeries.	M\!dge_firmware	8.8
2021-02-16	CVE-2021-20074	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided command line interface and execute arbitrary OS commands.	M\!dge_firmware	8.8
2021-02-16	CVE-2021-20075	Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows for privilege escalation via configd.	M\!dge_firmware	7.8