Vulnerabilities > Digi

DATE CVE VULNERABILITY TITLE RISK
2023-08-31 CVE-2023-4299 Unspecified vulnerability in Digi products
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.
network
high complexity
digi
8.1
2022-08-10 CVE-2022-2634 Unspecified vulnerability in Digi Connectport X2D Firmware
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application.
network
low complexity
digi
critical
9.8
2022-04-06 CVE-2022-26952 Out-of-bounds Write vulnerability in Digi Passport Firmware 1.5.1.1
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.
network
low complexity
digi CWE-787
7.5
2022-04-06 CVE-2022-26953 Out-of-bounds Write vulnerability in Digi Passport Firmware 1.5.1.1
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow.
network
low complexity
digi CWE-787
7.5
2021-12-10 CVE-2021-35978 Command Injection vulnerability in Digi products
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR.
network
low complexity
digi CWE-77
critical
9.8
2021-12-10 CVE-2021-37187 Insufficiently Protected Credentials vulnerability in Digi products
An issue was discovered on Digi TransPort devices through 2021-07-21.
network
low complexity
digi CWE-522
6.5
2021-12-10 CVE-2021-37188 Insufficient Verification of Data Authenticity vulnerability in Digi products
An issue was discovered on Digi TransPort devices through 2021-07-21.
network
low complexity
digi CWE-345
8.8
2021-12-10 CVE-2021-37189 Missing Encryption of Sensitive Data vulnerability in Digi products
An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4.
network
low complexity
digi CWE-311
7.5
2021-10-08 CVE-2021-35977 Classic Buffer Overflow vulnerability in Digi products
An issue was discovered in Digi RealPort for Windows through 4.8.488.0.
network
low complexity
digi CWE-120
critical
9.8
2021-10-08 CVE-2021-35979 Missing Authentication for Critical Function vulnerability in Digi products
An issue was discovered in Digi RealPort through 4.8.488.0.
network
high complexity
digi CWE-306
8.1