Vulnerabilities > Digi > CM Firmware > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-10-08 | CVE-2021-36767 | Use of Password Hash With Insufficient Computational Effort vulnerability in Digi products In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. | 9.8 |
| 2021-10-08 | CVE-2021-35977 | Classic Buffer Overflow vulnerability in Digi products An issue was discovered in Digi RealPort for Windows through 4.8.488.0. | 9.8 |