Connectport X2E Firmware

DATE	CVE	VULNERABILITY TITLE	RISK
2021-02-18	CVE-2020-12878	Link Following vulnerability in Digi Connectport X2E Firmware Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory. local low complexity digi CWE-59	7.2

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.