Vulnerabilities > Digi
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-4299 | Use of Password Hash Instead of Password for Authentication vulnerability in Digi products Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment. | 8.1 |
| 2022-08-10 | CVE-2022-2634 | Execution with Unnecessary Privileges vulnerability in Digi Connectport X2D Firmware An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. | 9.8 |
| 2022-04-06 | CVE-2022-26952 | Out-of-bounds Write vulnerability in Digi Passport Firmware 1.5.1.1 Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page. | 7.5 |
| 2022-04-06 | CVE-2022-26953 | Out-of-bounds Write vulnerability in Digi Passport Firmware 1.5.1.1 Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. | 7.5 |
| 2021-12-10 | CVE-2021-35978 | Command Injection vulnerability in Digi products An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. | 9.8 |
| 2021-12-10 | CVE-2021-37187 | Insufficiently Protected Credentials vulnerability in Digi products An issue was discovered on Digi TransPort devices through 2021-07-21. | 6.5 |
| 2021-12-10 | CVE-2021-37188 | Insufficient Verification of Data Authenticity vulnerability in Digi products An issue was discovered on Digi TransPort devices through 2021-07-21. | 8.8 |
| 2021-12-10 | CVE-2021-37189 | Missing Encryption of Sensitive Data vulnerability in Digi products An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. | 7.5 |
| 2021-10-08 | CVE-2021-35977 | Classic Buffer Overflow vulnerability in Digi products An issue was discovered in Digi RealPort for Windows through 4.8.488.0. | 9.8 |
| 2021-10-08 | CVE-2021-35979 | Missing Authentication for Critical Function vulnerability in Digi products An issue was discovered in Digi RealPort through 4.8.488.0. | 8.1 |