MidnightBSD

Advisories for digi

CVE-2004-1973 MEDIUM

DiGi Web Server allows remote attackers to cause a denial of service (CPU consumption) via an HTTP GET request that contains a large number of / (slash) characters, which consumes resources when DiGi converts the slashes to \ (backslash) characters.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
digi www_server compieuw
CVE-2017-18868 MEDIUM

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.7 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N 3.1 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-276,

Products Affected

Vendor Product Version
digi xbee_2_firmware -
CVE-2018-20162 HIGH

Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-20,

Products Affected

Vendor Product Version
digi transport_lr54_firmware *
CVE-2019-18859 MEDIUM

Digi AnywhereUSB 14 allows XSS via a link for the Digi Page.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
digi anywhereusb/14_firmware 1.93.21.19
CVE-2020-10136 MEDIUM

IP-in-IP protocol specifies IP Encapsulation within IP standard (RFC 2003, STD 1) that decapsulate and route IP-in-IP traffic is vulnerable to spoofing, access-control bypass and other unexpected behavior due to the lack of validation to verify network packets before decapsulation and routing.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-290,CWE-290,

Products Affected

Vendor Product Version
cisco nx-os 5.2(1)sv5(1.3)
cisco nx-os 6.1(2)i2(2a)
cisco nx-os 7.1(4)n1(1c)
cisco nx-os 6.0(2)n2(5)
cisco nx-os 7.3(1)n1(1)
cisco nx-os 5.2(1)sv3(1.3)
cisco nx-os 5.2(1)n1(8b)
cisco nx-os 7.1(3)n1(2a)
cisco nx-os 5.0(3)u5(1b)
cisco nx-os 5.2(5)
cisco nx-os 7.1(3)n1(4)
cisco nx-os 5.0(3)u4(1)
cisco nx-os 7.3(7)n1(1)
cisco nx-os 5.0(3)a1(2)
cisco nx-os 5.2(1)sk3(2.1a)
cisco nx-os 6.0(2)a3(2)
cisco nx-os 5.2(1)n1(9a)
cisco nx-os 5.2(3a)
cisco nx-os 7.1(0)n1(1)
cisco nx-os 6.1(2)i2(3)
cisco nx-os 5.2(1)n1(9b)
cisco nx-os 5.0(3)u3(2b)
cisco nx-os 5.2(1)sv3(1.1)
cisco nx-os 6.0(2)u3(4)
cisco nx-os 5.2(1)n1(3)
cisco nx-os 6.0(2)a4(5)
cisco nx-os 7.3(2)d1(1d)
cisco nx-os 5.0(3)u2(2a)
cisco nx-os 7.1(0)n1(1a)
cisco nx-os 6.0(2)n1(1)
cisco nx-os 6.2(18)
cisco nx-os 5.2(1)sm1(5.2a)
cisco nx-os 5.0(3)u2(1)
cisco nx-os 7.3(4)n1(1)
cisco nx-os 7.2(2)d1(4)
cisco nx-os 5.2(1)sv3(3.1)
cisco nx-os 6.1(2)i1(2)
cisco nx-os 5.2(1)sv3(1.5b)
cisco nx-os 6.2(6)
cisco nx-os 5.2(1)sk3(1.1)
cisco nx-os 6.0(2)u2(4)
cisco nx-os 5.2(1)n1(4)
cisco nx-os 6.0(2)u3(5)
cisco nx-os 5.0(3)u3(2a)
cisco nx-os 7.0(2)n1(1)
cisco nx-os 6.0(2)u4(4)
cisco nx-os 7.3(4)n1(1a)
cisco nx-os 5.0(3)u3(1)
cisco nx-os 5.2(1)sm1(5.2b)
cisco nx-os 5.2(1)sv3(1.6)
treck tcp/ip *
cisco nx-os 5.2(1)n1(9)
cisco nx-os 7.0(8)n1(1a)
cisco nx-os 6.0(2)u2(6)
cisco nx-os 5.0(3)a1(2a)
cisco nx-os 6.0(2)u3(2)
cisco nx-os 7.1(1)n1(1)
cisco nx-os 6.0(2)n2(5b)
cisco nx-os 6.2(8b)
cisco nx-os 7.1(3)n1(5)
cisco nx-os 5.0(3)u5(1h)
cisco nx-os 6.0(2)u1(1a)
cisco ucs_manager 3.2(3n)a
cisco nx-os 7.1(0)n1(1b)
cisco nx-os 7.0(7)n1(1)
cisco nx-os 6.2(22)
cisco nx-os 6.2(24)
cisco nx-os 6.0(2)n1(2a)
cisco nx-os 5.2(1)sv3(4.1b)
cisco nx-os 6.2(8a)
cisco nx-os 7.0(7)n1(1a)
cisco nx-os 5.2(1)sv5(1.2)
digi saros *
cisco nx-os 7.0(7)n1(1b)
cisco nx-os 5.2(1)n1(1)
cisco nx-os 5.2(1)n1(6)
cisco nx-os 7.0(3)i1(1z)
cisco nx-os 6.0(2)u3(6)
cisco nx-os 5.2(1)sv3(1.4)
cisco nx-os 7.3(2)n1(1b)
cisco nx-os 5.2(1)n1(2a)
cisco nx-os 7.1(5)n1(1b)
cisco nx-os 6.0(2)a4(4)
cisco nx-os 6.1(2)i1(3)
cisco nx-os 5.0(3)u1(2a)
cisco nx-os 7.2(1)n1(1)
cisco nx-os 6.0(2)u3(9)
cisco nx-os 7.3(2)d1(3)
cisco nx-os 6.0(2)a1(1b)
cisco nx-os 6.0(2)a1(1e)
cisco nx-os 6.0(2)u1(1)
cisco nx-os 6.1(2)i3(2)
cisco nx-os 6.0(2)u2(2)
cisco nx-os 6.2(20a)
cisco nx-os 7.1(4)n1(1)
cisco nx-os 5.0(3)u5(1i)
cisco nx-os 6.0(2)a1(1)
cisco nx-os 6.0(2)u4(3)
cisco nx-os 6.0(2)a3(1)
cisco nx-os 7.1(3)n1(1)
cisco nx-os 5.2(1)n1(8)
cisco nx-os 5.0(3)u5(1f)
cisco nx-os 6.0(2)n1(2)
cisco nx-os 6.0(2)n2(3)
cisco nx-os 7.0(4)n1(1a)
cisco nx-os 7.3(2)n1(1)
cisco nx-os 6.0(2)a3(4)
cisco nx-os 5.2(1)sv3(2.5)
cisco nx-os 7.0(4)n1(1)
cisco nx-os 5.2(1)sm1(5.2)
cisco nx-os 5.2(1)sv3(1.5a)
cisco nx-os 7.0(6)n1(4s)
cisco nx-os 5.2(1)sm3(1.1a)
cisco nx-os 7.2(2)d1(1)
cisco nx-os 7.3(4)d1(1)
cisco nx-os 6.0(2)n2(4)
cisco nx-os 6.2(16)
cisco nx-os 7.0(0)n1(1)
cisco nx-os 5.0(3)u5(1)
cisco nx-os 5.0(3)u1(1c)
cisco nx-os 7.3(5)d1(1)
cisco nx-os 7.3(6)n1(1a)
cisco nx-os 6.0(2)n2(6)
cisco nx-os 6.1(2)i2(2b)
cisco nx-os 5.0(3)a1(1)
cisco nx-os 7.0(6)n1(3s)
cisco nx-os 6.0(2)n1(1a)
cisco nx-os 6.0(2)u5(1)
cisco nx-os 5.2(1)sv5(1.1)
cisco nx-os 7.3(6)n1(1)
cisco nx-os 7.3(0)n1(1b)
cisco nx-os 7.1(4)n1(1a)
cisco nx-os 5.2(1)sv3(1.15)
cisco nx-os 7.0(5)n1(1)
cisco nx-os 5.0(3)u2(2)
cisco nx-os 6.2(8)
cisco nx-os 5.0(3)u1(1b)
cisco nx-os 5.2(1)n1(1a)
cisco nx-os 6.1(2)i2(2)
cisco nx-os 7.3(2)d1(2)
cisco nx-os 6.0(2)u4(2)
cisco nx-os 6.2(6b)
cisco nx-os 7.1(1)n1(1a)
cisco nx-os 7.3(3)d1(1)
cisco nx-os 5.2(1)n1(1b)
cisco nx-os 5.0(3)u5(1a)
cisco nx-os 6.1(2)i3(3a)
cisco nx-os 6.2(14)
cisco nx-os 5.2(1)sv3(3.15)
cisco nx-os 6.0(2)a1(1d)
cisco nx-os 7.3(0)d1(1)
cisco nx-os 5.0(3)u1(1d)
cisco nx-os 6.0(2)u3(8)
cisco nx-os 5.2(1)sk3(2.2b)
cisco nx-os 5.2(1)n1(5)
cisco nx-os 5.2(1)sv3(2.8)
cisco nx-os 6.2(10)
cisco nx-os 5.2(7)
cisco nx-os 5.2(1)sv3(1.10)
cisco nx-os 6.0(2)a1(2d)
cisco nx-os 7.3(2)d1(1)
cisco nx-os 5.2(1)sm1(5.1)
cisco nx-os 5.0(3)u1(2)
cisco nx-os 5.2(4)
cisco nx-os 6.0(2)n2(7)
cisco nx-os 6.0(2)a4(6)
cisco nx-os 5.0(3)u5(1g)
cisco nx-os 7.2(1)d1(1)
cisco nx-os 5.0(3)u5(1d)
cisco nx-os 7.0(3)n1(1)
cisco nx-os 5.2(1)sm3(1.1c)
cisco nx-os 6.0(2)u1(2)
cisco nx-os 7.0(6)n1(2s)
cisco nx-os 7.0(3)i1(1b)
cisco nx-os 7.3(1)d1(1)
cisco nx-os 5.0(3)u5(1e)
cisco nx-os 7.1(2)n1(1)
cisco nx-os 7.0(3)i1(1a)
cisco nx-os 5.0(3)u2(2c)
cisco nx-os 5.2(1)sm3(1.1b)
cisco nx-os 5.2(1)sm3(2.1)
cisco nx-os 5.2(1)sv3(1.4b)
cisco nx-os 6.0(2)u2(4.92.4z)
cisco nx-os 5.0(3)u3(2)
cisco nx-os 5.2(1)sv3(1.2)
cisco nx-os 6.0(2)n2(2)
cisco nx-os 7.2(2)d1(3)
cisco nx-os 7.0(3)i1(1)
cisco nx-os 7.1(3)n1(3)
cisco nx-os 6.0(2)n2(1b)
cisco nx-os 5.2(1)sm3(1.1)
cisco nx-os 5.0(3)u5(1j)
cisco nx-os 6.0(2)a1(1c)
cisco nx-os 6.0(2)u4(1)
cisco nx-os 6.0(2)u3(1)
cisco nx-os 7.1(4)n1(1d)
cisco nx-os 7.3(3)n1(1)
cisco nx-os 7.3(0)n1(1)
cisco nx-os 5.2(1)n1(8a)
cisco nx-os 6.0(2)a1(1a)
cisco nx-os 7.2(2)d1(2)
cisco nx-os 5.0(3)u1(1a)
cisco nx-os 6.0(2)a4(3)
cisco nx-os 6.0(2)u3(3)
cisco nx-os 7.3(0)n1(1a)
cisco nx-os 7.0(8)n1(1)
cisco nx-os 5.2(1)sm1(5.2c)
cisco nx-os 7.0(5)n1(1a)
cisco nx-os 7.1(5)n1(1)
cisco nx-os 7.3(2)n1(1c)
cisco nx-os 6.2(12)
cisco nx-os 7.0(6)n1(1)
cisco nx-os 5.2(1)sk3(2.2)
cisco nx-os 6.1(2)i3(3)
cisco nx-os 6.2(2a)
cisco nx-os 6.2(2)
cisco nx-os 7.3(5)n1(1)
cisco nx-os 6.1(2)i3(1)
cisco nx-os 6.0(2)a4(2)
cisco nx-os 5.2(9)
cisco unified_computing_system -
cisco nx-os 7.3(7)n1(1a)
cisco nx-os 5.2(9a)
cisco nx-os 7.1(2)n1(1a)
cisco nx-os 5.2(1)n1(7)
hp x3220nr_firmware *
cisco nx-os 5.0(3)u2(2d)
cisco nx-os 5.2(1)sv3(4.1a)
cisco nx-os 6.0(2)n2(1)
cisco nx-os 5.0(3)u2(2b)
cisco nx-os 6.0(2)a4(1)
cisco nx-os 6.0(2)a1(1f)
cisco nx-os 6.1(2)i2(1)
cisco nx-os 6.0(2)u2(3)
cisco nx-os 6.0(2)u1(4)
cisco nx-os 6.2(14a)
cisco nx-os 6.2(20)
cisco nx-os 7.3(0)dx(1)
cisco nx-os 7.2(0)d1(1)
cisco nx-os 5.2(3)
cisco nx-os 5.2(1)sv3(2.1)
cisco nx-os 6.0(2)u2(1)
cisco nx-os 5.2(1)sv3(4.1)
cisco nx-os 6.0(2)u2(5)
cisco nx-os 7.3(6)d1(1)
cisco nx-os 5.2(1)sk3(2.1)
cisco nx-os 5.0(3)u5(1c)
cisco nx-os 6.2(6a)
cisco nx-os 7.3(2)d1(3a)
cisco nx-os 5.2(1)
cisco nx-os 7.1(3)n1(2)
cisco nx-os 6.0(2)n2(5a)
cisco nx-os 5.0(3)u1(1)
cisco nx-os 5.2(1)n1(2)
cisco nx-os 7.0(1)n1(1)
cisco nx-os 6.2(14b)
cisco nx-os 6.0(2)u3(7)
cisco nx-os 6.0(2)u1(3)
CVE-2020-12878 HIGH

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.8 HIGH CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 1.8 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-59,

Products Affected

Vendor Product Version
digi connectport_x2e_firmware *
CVE-2020-6973 MEDIUM

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.2 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:N/I:N/A:H 1.7 4.0

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,CWE-79,

Products Affected

Vendor Product Version
digi connectport_lts_32_mei_bios 1.2
digi connectport_lts_32_mei_firmware 1.4.3
CVE-2020-6975 MEDIUM

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.9 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N 1.2 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-434,CWE-434,

Products Affected

Vendor Product Version
digi connectport_lts_32_mei_bios 1.2
digi connectport_lts_32_mei_firmware 1.4.3
CVE-2020-8822 LOW

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
digi transport_wr21_firmware 5.2.2.3
digi transport_wr44_firmware 5.1.6.4
digi transport_wr44_firmware 5.1.6.9
CVE-2021-35977 HIGH

An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-120,

Products Affected

Vendor Product Version
digi wr21_firmware *
digi connectport_ts_8/16_firmware *
digi transport_wr11_xt_firmware *
digi passport_integrated_console_server_firmware *
digi portserver_ts_m_mei_firmware *
digi 6350-sr_firmware *
digi wr44_r_firmware *
digi portserver_ts_mei_hardened_firmware *
digi portserver_ts_p_mei_firmware *
digi portserver_ts_mei_firmware *
digi one_ia_firmware *
digi connect_es_firmware *
digi portserver_ts_firmware *
digi connectport_lts_8/16/32_firmware *
digi one_iap_family_firmware *
digi realport *
digi wr31_firmware *
digi cm_firmware *
CVE-2021-35978 HIGH

An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-77,

Products Affected

Vendor Product Version
digi transport_wr41_firmware *
digi transport_dr64_firmware *
digi transport_wr11_firmware *
digi transport_vc74_firmware *
digi transport_wr31_firmware *
digi transport_wr11_xt_firmware *
digi transport_wr44_firmware *
digi transport_sr44_firmware *
digi transport_wr21_firmware *
CVE-2021-35979 MEDIUM

An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-306,

Products Affected

Vendor Product Version
digi wr21_firmware *
digi connectport_ts_8/16_firmware *
digi transport_wr11_xt_firmware *
digi passport_integrated_console_server_firmware *
digi portserver_ts_m_mei_firmware *
digi 6350-sr_firmware *
digi wr44_r_firmware *
digi portserver_ts_mei_hardened_firmware *
digi portserver_ts_p_mei_firmware *
digi portserver_ts_mei_firmware *
digi one_ia_firmware *
digi connect_es_firmware *
digi portserver_ts_firmware *
digi connectport_lts_8/16/32_firmware *
digi one_iap_family_firmware *
digi realport *
digi wr31_firmware *
digi cm_firmware *
CVE-2021-36767 HIGH

In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-916,

Products Affected

Vendor Product Version
digi wr21_firmware *
digi connectcore_8x_som_dualxz_firmware *
digi one_iap_firmware *
digi one_iap_haz_firmware *
digi connectport_ts_8/16_firmware *
digi transport_wr11_xt_firmware *
digi passport_integrated_console_server_firmware *
digi portserver_ts_m_mei_firmware *
digi 6350-sr_firmware *
digi connectcore_8x_sbc_pro_firmware *
digi wr44_r_firmware *
digi portserver_ts_mei_hardened_firmware *
digi portserver_ts_p_mei_firmware *
digi connectcore_8x_som_quadxplus_firmware *
digi portserver_ts_mei_firmware *
digi one_ia_firmware *
digi connect_es_firmware *
digi portserver_ts_firmware *
digi connectport_lts_8/16/32_firmware *
digi realport *
digi wr31_firmware *
digi cm_firmware *
CVE-2021-37187 MEDIUM

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file (with reversible passwords) from the device, which allows decoding of other users' passwords.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N 2.8 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-522,

Products Affected

Vendor Product Version
digi transport_wr41_firmware *
digi transport_dr64_firmware *
digi transport_wr11_firmware *
digi transport_dr64_firmware -
digi transport_vc74_firmware *
digi transport_wr31_firmware *
digi transport_wr11_xt_firmware *
digi transport_wr44_firmware *
digi transport_wr21_firmware *
CVE-2021-37188 MEDIUM

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may load customized firmware (because the bootloader does not verify that it is authentic), changing the behavior of the gateway.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.8 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-345,

Products Affected

Vendor Product Version
digi transport_wr41_firmware *
digi transport_dr64_firmware *
digi transport_wr11_firmware *
digi transport_dr64_firmware -
digi transport_vc74_firmware *
digi transport_wr31_firmware *
digi transport_wr11_xt_firmware *
digi transport_wr44_firmware *
digi transport_wr21_firmware *
CVE-2021-37189 MEDIUM

An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the Secure attribute for sensitive cookies in HTTPS sessions, which could cause the user agent to send those cookies in cleartext over an HTTP session.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-311,

Products Affected

Vendor Product Version
digi transport_wr41_firmware *
digi transport_wr11_firmware *
digi transport_wr31_firmware *
digi transport_wr11_xt_firmware *
digi transport_wr44_firmware *
digi transport_wr21_firmware *
CVE-2021-38412 HIGH

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 9.6 CRITICAL CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L 2.8 6.0

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,CWE-306,

Products Affected

Vendor Product Version
digi portserver_ts_16_firmware 82000684
digi portserver_ts_16_firmware 82000685
CVE-2022-2634

An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9
ics-cert@hq.dhs.gov 10.0 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H 3.9 6.0

Products Affected

Vendor Product Version
digi connectport_x2d_firmware *
CVE-2022-26952 MEDIUM

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
digi passport_firmware *
CVE-2022-26953 MEDIUM

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.5 HIGH CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H 3.9 3.6

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-787,

Products Affected

Vendor Product Version
digi passport_firmware *
CVE-2023-4299

Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H 2.2 5.9
ics-cert@hq.dhs.gov 9.0 CRITICAL CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H 2.2 6.0

Products Affected

Vendor Product Version
digi one_iap_firmware -
digi connectport_ts_8/16_firmware *
digi wr21_firmware -
digi portserver_ts_firmware -
digi portserver_ts_m_mei_firmware -
digi one_sp_ia_firmware -
digi one_sp_firmware -
digi portserver_ts_mei_hardened_firmware -
digi portserver_ts_p_mei_firmware -
digi connect_sp_firmware -
digi portserver_ts_mei_firmware -
digi cm_firmware -
digi wr31_firmware -
digi wr44_r_firmware -
digi connect_es_firmware *
digi passport_firmware -
digi connectport_lts_8/16/32_firmware *
digi transport_wr11_xt_firmware -
digi realport *
digi one_ia_firmware -
CVE-2024-50625

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when combined with other vulnerabilities.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.0 HIGH CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H 2.1 5.9

Products Affected

Vendor Product Version
digi connectport_lts_firmware *
CVE-2024-50626

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
digi connectport_lts_firmware *
CVE-2024-50627

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network (with specific permissions) to upload and execute malicious files, potentially leading to unauthorized system access.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
digi connectport_lts_firmware *
CVE-2024-50628

An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
134c704f-9b21-4f2e-91b3-4a467353bcc0 8.8 HIGH CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 2.8 5.9

Products Affected

Vendor Product Version
digi connectport_lts_firmware *