Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digi vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2003-0589
admin.php in Digi-ads 1.1 allows remote malicious users to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.
Digi-fx Digi-news 1.1
7.5
CVSSv2
CVE-2021-38412
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an malicious user to enable the SNMP service and manipulate the...
Digi Portserver Ts 16 Firmware 82000684
Digi Portserver Ts 16 Firmware 82000685
6.3
CVSSv2
CVE-2020-6973
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an malicious user to cause a denial-of-service condition.
Digi Connectport Lts 32 Mei Bios 1.2
Digi Connectport Lts 32 Mei Firmware 1.4.3
4
CVSSv2
CVE-2020-6975
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an malicious user to upload a malicious file to the application.
Digi Connectport Lts 32 Mei Bios 1.2
Digi Connectport Lts 32 Mei Firmware 1.4.3
5.5
CVSSv2
CVE-2017-18868
Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.
Digi Xbee 2 Firmware -
9
CVSSv2
CVE-2018-20162
Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root.
Digi Transport Lr54 Firmware
1 Github repository
NA
CVE-2022-2634
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.
Digi Connectport X2d Firmware
7.2
CVSSv2
CVE-2020-12878
Digi ConnectPort X2e prior to 3.2.30.6 allows an malicious user to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.
Digi Connectport X2e Firmware
5
CVSSv2
CVE-2022-26952
Digi Passport Firmware up to and including 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.
Digi Passport Firmware
5
CVSSv2
CVE-2022-26953
Digi Passport Firmware up to and including 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.
Digi Passport Firmware
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-2907
hardcoded
inject
CVE-2024-20359
CVE-2024-2467
CVE-2024-4077
CVE-2024-22391
camera
CVE-2024-20353
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »