| ADMDASH-R01 | Admin account takeover via phishing (Firebase Auth) | Low | Critical | Cloudflare Access as second auth layer; enforce MFA on all @ghasi.io accounts via Firebase | Security |
| ADMDASH-R02 | Accidental deletion of active SMPP operator | Medium | High | Deletion blocked if operator is referenced by active routing rules (422 from backend); confirmation dialog required | Frontend + Backend |
| ADMDASH-R03 | Routing rule reorder conflict between concurrent admins | Medium | Medium | 409 response handled with error toast + list re-sync; no silent data loss | Frontend Eng |
| ADMDASH-R04 | Analytics service outage causes blind dashboard | Medium | High | Stale data displayed with timestamp; alert banner; health page still functional independently | Platform Eng |
| ADMDASH-R05 | SMPP password exposed via browser dev tools during form fill | Low | High | Password field is a masked `<input type="password">`; never pre-populated; never logged | Frontend Eng |
| ADMDASH-R06 | Admin JWT leaked via Sentry error report | Low | Critical | `beforeSend` Sentry hook strips Authorization header, cookies, and all auth-related fields | Security |
| ADMDASH-R07 | Cloudflare Access misconfiguration exposes admin login to public internet | Low | Critical | Cloudflare Access policy reviewed quarterly; tested in staging before production changes | DevOps |
| ADMDASH-R08 | 30s polling causes inadvertent DDoS on analytics-service during incident | Low | Medium | Polling pauses when tab hidden; circuit breaker after 3 consecutive failures; exponential backoff | Frontend Eng |
| ADMDASH-R09 | Next.js breaking change in minor version | Low | Medium | Lock Next.js minor version; dedicated upgrade sprint | Frontend Eng |
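
One way to implement the ADMDASH-R06 mitigation, shown as an added example rather than the project's own code: a `beforeSend`-compatible scrubber that redacts auth material by key name and by value pattern, so a JWT pasted into an error message is caught as well as the `Authorization` header. The key patterns, the depth limit and the sample event are assumptions.

```javascript
// Added example for ADMDASH-R06 (not the project's code); patterns are assumptions.
// Wire-up with the Sentry SDK: Sentry.init({ dsn, beforeSend: scrubAuthFromEvent })
const SENSITIVE_KEY = /^(authorization|cookies?|set-cookie|x-api-key)$|token|jwt|secret|password|session/i;
// Three base64url segments starting with "eyJ": a JWT embedded in free text.
const JWT_PATTERN = /eyJ[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*/g;
const BEARER_PATTERN = /Bearer\s+[A-Za-z0-9._~+\/-]+=*/gi;

function scrubValue(value, depth = 0) {
  if (depth > 8) return '[Truncated]'; // fail closed on very deep or cyclic payloads
  if (typeof value === 'string') {
    return value.replace(BEARER_PATTERN, 'Bearer [Filtered]').replace(JWT_PATTERN, '[Filtered JWT]');
  }
  if (Array.isArray(value)) return value.map((v) => scrubValue(v, depth + 1));
  if (value && typeof value === 'object') {
    const out = {}; // build a copy so the caller's event is never mutated
    for (const [key, v] of Object.entries(value)) {
      out[key] = SENSITIVE_KEY.test(key) ? '[Filtered]' : scrubValue(v, depth + 1);
    }
    return out;
  }
  return value;
}

// beforeSend-compatible: takes the event, returns the sanitized copy to send.
function scrubAuthFromEvent(event) {
  return scrubValue(event);
}

// Constructed sample data: the JWT, URL and field names below are made up.
const SAMPLE_JWT = 'eyJhbGciOiJub25lIn0.eyJzdWIiOiJkZW1vIn0.c2ln';
const SAMPLE_EVENT = {
  message: 'PUT /operators/42 failed: token ' + SAMPLE_JWT,
  request: {
    url: 'https://admin.example.test/operators/42',
    headers: { Authorization: 'Bearer ' + SAMPLE_JWT, 'Content-Type': 'application/json' },
    cookies: { __session: SAMPLE_JWT },
  },
  breadcrumbs: [{ category: 'fetch', data: { url: '/api/operators', idToken: SAMPLE_JWT } }],
  extra: { smppPassword: 'constructed-value', operatorId: 42 },
};

console.log(JSON.stringify(scrubAuthFromEvent(SAMPLE_EVENT), null, 2));
```

Running the same function over recorded events in a unit test, and failing the build if the serialized output still contains `eyJ`, keeps the hook from regressing silently.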