Vulnerabilities > CVE-2022-26953 - Out-of-bounds Write vulnerability in Digi Passport Firmware

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
NONE
Availability impact
PARTIAL
network
low complexity
digi
CWE-787

Summary

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.

Vulnerable Configurations

Part Description Count
OS
Digi
1
Hardware
Digi
1

Common Weakness Enumeration (CWE)