Vulnerabilities > Digi > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-08-31 | CVE-2023-4299 | Use of Password Hash Instead of Password for Authentication vulnerability in Digi products Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment. | 8.1 |
| 2021-10-08 | CVE-2021-35979 | Missing Authentication for Critical Function vulnerability in Digi products An issue was discovered in Digi RealPort through 4.8.488.0. | 8.1 |
| 2021-02-18 | CVE-2020-12878 | Link Following vulnerability in Digi Connectport X2E Firmware Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory. | 7.2 |