Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:digi:one_iap_firmware:-:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2023-4299 |
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment. Published: August 31, 2023; 5:15:09 PM -0400 |
V3.1: 8.1 HIGH V2.0:(not available) |
CVE-2021-36767 |
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server. Published: October 08, 2021; 11:15:09 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 7.5 HIGH |