64 matches found
PT-2024-34367 · Digi · Digi Connectport Lts
Name of the Vulnerable Software and Affected Versions: Digi ConnectPort LTS versions prior to 1.4.12 Description: A Privilege Escalation issue exists in the file upload feature of Digi ConnectPort LTS. This allows an attacker on the local area network, with specific permissions, to upload and...
CVE-2024-50625
Digi ConnectPort LTS prior to 1.4.12 is affected by a vulnerability in the web application’s file upload handling that allows manipulation of the file path via POST requests. This can enable arbitrary file uploads within specific directories and potentially lead to privilege escalation when combi...
PT-2024-34366 · Digi · Digi Connectport Lts
Name of the Vulnerable Software and Affected Versions: Digi ConnectPort LTS versions prior to 1.4.12 Description: A Directory Traversal vulnerability exists in WebFS, allowing an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to...
CVE-2024-50625
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when...
PT-2024-34368 · Digi · Digi Connectport Lts
Name of the Vulnerable Software and Affected Versions: Digi ConnectPort LTS versions prior to 1.4.12 Description: An issue was discovered in the web services of Digi ConnectPort LTS, allowing an attacker on the local area network to achieve unauthorized manipulation of resources. This may lead to...
CVE-2024-50625
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when...
CVE-2024-50627
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network with specific permissions to upload and execute malicious files, potentially leading to unauthorized system access...
Digi ConnectPort 安全漏洞
Digi ConnectPort is a server from Digital Networks Malaysia Digi Inc. It provides wireless communication. A security vulnerability exists in Digi ConnectPort versions prior to 1.4.12 that stems from allowing file path manipulation via POST requests, which can result in the upload of arbitrary fil...
CVE-2024-50628
An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues...
CVE-2024-50628
An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues...
CVE-2024-50627
Digi ConnectPort LTS, affected
CVE-2024-50628
CVE-2024-50628 affects Digi ConnectPort LTS web services prior to 1.4.12. The issue enables an attacker on the local network to perform unauthorized manipulation of resources, with potential remote code execution when combined with other issues. Affected product: Digi ConnectPort LTS (before 1.4....
Digi ConnectPort 安全漏洞
Digi ConnectPort is a server from Digital Networks Malaysia Digi Inc. It provides wireless communication. A security vulnerability exists in Digi ConnectPort versions prior to 1.4.12, which originated from a vulnerability that allows an attacker on a local area network LAN to achieve unauthorized...
CVE-2024-50626
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data...
CVE-2024-50627
An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network with specific permissions to upload and execute malicious files, potentially leading to unauthorized system access...
CVE-2024-50626
CVE-2024-50626 affects Digi ConnectPort LTS prior to 1.4.12. A WebFS directory traversal vulnerability allows an attacker on the same LAN to manipulate URLs to include traversal sequences, potentially yielding unauthorized access to data. Connected sources consistently describe the issue as a dir...
The vulnerability of microprogrammed software in Digi ConnectPort X2D port converters, related to access control errors, allows a hacker to execute arbitrary code.
The vulnerability of the microprogrammed software for Digi ConnectPort X2D converters is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by loading specially crafted Python files...
CVE-2022-2634 Digi ConnectPort X2D
An attacker may be able to execute malicious actions due to the lack of device access protections and device permissions when using the web application. This could lead to uploading python files which can be later executed...
PT-2022-4007 · Digi · Digi Connectport X2E
Name of the Vulnerable Software and Affected Versions: Digi ConnectPort X2D affected versions not specified Description: The issue is related to errors in access control, allowing a remote attacker to execute arbitrary code by uploading specially crafted python files. This is due to the lack of...
Digi ConnectPort X2D 安全漏洞
The Digi ConnectPort X2D is a small gateway from Digi, Inc. It provides low-cost IP networking for RF devices and sensor networks. The Digi ConnectPort X2D suffers from a security vulnerability that stems from the web application's lack of device access protection and device privilege control...