Vulnerabilities > Digi > Transport Wr21 Firmware > 5.2.2.3

DATE CVE VULNERABILITY TITLE RISK
2021-12-10 CVE-2021-35978 Command Injection vulnerability in Digi products
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR.
network
low complexity
digi CWE-77
critical
 10.0
10
2021-12-10 CVE-2021-37187 Insufficiently Protected Credentials vulnerability in Digi products
An issue was discovered on Digi TransPort devices through 2021-07-21.
network
low complexity
digi CWE-522
4.0
4.0
2021-12-10 CVE-2021-37188 Insufficient Verification of Data Authenticity vulnerability in Digi products
An issue was discovered on Digi TransPort devices through 2021-07-21.
network
low complexity
digi CWE-345
6.5
6.5
2021-12-10 CVE-2021-37189 Missing Encryption of Sensitive Data vulnerability in Digi products
An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4.
network
low complexity
digi CWE-311
5.0
5.0
2020-02-10 CVE-2020-8822 Cross-site Scripting vulnerability in Digi Transport Wr21 Firmware and Transport Wr44 Firmware
Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application.
network
digi CWE-79
3.5
3.5