Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
digi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2003-0589
admin.php in Digi-ads 1.1 allows remote malicious users to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password.
Digi-fx Digi-news 1.1
9.8
CVSSv3
CVE-2021-38412
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an malicious user to enable the SNMP service and manipulate the...
Digi Portserver Ts 16 Firmware 82000684
Digi Portserver Ts 16 Firmware 82000685
6.2
CVSSv3
CVE-2020-6973
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an malicious user to cause a denial-of-service condition.
Digi Connectport Lts 32 Mei Bios 1.2
Digi Connectport Lts 32 Mei Firmware 1.4.3
4.9
CVSSv3
CVE-2020-6975
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 (82002228_K 08/09/2018), bios Version 1.2. Successful exploitation of this vulnerability could allow an malicious user to upload a malicious file to the application.
Digi Connectport Lts 32 Mei Bios 1.2
Digi Connectport Lts 32 Mei Firmware 1.4.3
9.9
CVSSv3
CVE-2018-20162
Digi TransPort LR54 4.4.0.26 and possible earlier devices have Improper Input Validation that allows users with 'super' CLI access privileges to bypass a restricted shell and execute arbitrary commands as root.
Digi Transport Lr54 Firmware
1 Github repository
7.8
CVSSv3
CVE-2020-12878
Digi ConnectPort X2e prior to 3.2.30.6 allows an malicious user to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory.
Digi Connectport X2e Firmware
7.5
CVSSv3
CVE-2022-26952
Digi Passport Firmware up to and including 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.
Digi Passport Firmware
7.5
CVSSv3
CVE-2022-26953
Digi Passport Firmware up to and including 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.
Digi Passport Firmware
7.7
CVSSv3
CVE-2017-18868
Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built.
Digi Xbee 2 Firmware -
9.8
CVSSv3
CVE-2022-2634
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed.
Digi Connectport X2d Firmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4040
cross-site scripting
CVE-2023-25790
CVE-2024-2961
XML external entity
CVE-2024-26926
CVE-2024-32806
CVE-2024-32711
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »