RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint_CVE-2025-36729

7.2 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Description

A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid.

Basic Information

ID CVE-2025-36729

Source tenable

Published Aug 26, 2025 at 16:26

Affected Product

Vendor RACOM

Product M!DGE2

Version 4.0

Affected Versions RACOM M!DGE2 4.0

CWE Classification

CWE-269

References

www.tenable.com /security/research/tra-2025-25

{
    "lastseen": "",
    "description": "A non-primary administrator user with admin rights to the web interface but without shell access permissions can display configuration of the device including the master admin password. This vulnerability also allows the user to give themselves shell access with the root gid.",
    "published": "2025-08-26T16:26:08.624Z",
    "modified": "2025-08-26T16:26:08.624Z",
    "type": "cve",
    "title": "RACOM M!DGE2 Privilege Escalation via SDK Testing Endpoint",
    "source": "tenable",
    "references": "https://www.tenable.com/security/research/tra-2025-25",
    "id": "CVE-2025-36729",
    "bulletinFamily": "",
    "cwe": [
        "CWE-269"
    ],
    "cvelist": null,
    "sourceData": "RACOM M!DGE2 4.0",
    "sourceHref": "",
    "cvss": {
        "score": 7.2,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "M!DGE2",
    "version": "4.0",
    "vendor": "RACOM",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}