CVE-2020-12878

Digi ConnectPort X2e before 3.2.30.6 allows an attacker to escalate privileges from the python user to root via a symlink attack that uses chown, related to /etc/init.d/S50dropbear.sh and the /WEB/python/.ssh directory...

EUVD-2020-5159

Malware in sbrugna...

CVE-2024-50626

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data...

CVE-2024-50625

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when...

CVE-2024-50627

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network with specific permissions to upload and execute malicious files, potentially leading to unauthorized system access...

CVE-2024-50628

An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues...

CVE-2024-50628

An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues...

CVE-2024-50626

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data...

CVE-2024-50626

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Directory Traversal vulnerability exists in WebFS. This allows an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to unauthorized access to data...

CVE-2024-50628

An issue was discovered in the web services of Digi ConnectPort LTS before 1.4.12. It allows an attacker on the local area network to achieve unauthorized manipulation of resources, which may lead to remote code execution when combined with other issues...

CVE-2024-50627

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network with specific permissions to upload and execute malicious files, potentially leading to unauthorized system access...

CVE-2024-50627

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A Privilege Escalation vulnerability exists in the file upload feature. It allows an attacker on the local area network with specific permissions to upload and execute malicious files, potentially leading to unauthorized system access...

CVE-2024-50625

An issue was discovered in Digi ConnectPort LTS before 1.4.12. A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests. This can lead to arbitrary file uploads within specific directories, potentially enabling privilege escalation when...

PT-2024-34366 · Digi · Digi Connectport Lts

Name of the Vulnerable Software and Affected Versions: Digi ConnectPort LTS versions prior to 1.4.12 Description: A Directory Traversal vulnerability exists in WebFS, allowing an attacker on the local area network to manipulate URLs to include traversal sequences, potentially leading to...

CVE-2024-50628

CVE-2024-50628 affects Digi ConnectPort LTS web services prior to 1.4.12. The issue enables an attacker on the local network to perform unauthorized manipulation of resources, with potential remote code execution when combined with other issues. Affected product: Digi ConnectPort LTS (before 1.4....

CVE-2024-50627

Digi ConnectPort LTS, affected

CVE-2024-50626

CVE-2024-50626 affects Digi ConnectPort LTS prior to 1.4.12. A WebFS directory traversal vulnerability allows an attacker on the same LAN to manipulate URLs to include traversal sequences, potentially yielding unauthorized access to data. Connected sources consistently describe the issue as a dir...

PT-2024-34365 · Digi · Digi Connectport Lts

Name of the Vulnerable Software and Affected Versions: Digi ConnectPort LTS versions prior to 1.4.12 Description: A vulnerability in the file upload handling of a web application allows manipulation of file paths via POST requests to API endpoints such as /file/upload. This can lead to arbitrary...

Digi ConnectPort 安全漏洞

Digi ConnectPort is a server from Digital Networks Malaysia Digi Inc. It provides wireless communication. A security vulnerability exists in Digi ConnectPort versions prior to 1.4.12 that stems from allowing file path manipulation via POST requests, which can result in the upload of arbitrary fil...

Digi ConnectPort 安全漏洞

Digi ConnectPort is a server from Digital Networks Malaysia Digi Inc. It provides wireless communication. A security vulnerability exists in Digi ConnectPort versions prior to 1.4.12 that stems from a directory traversal vulnerability in WebFS, which could lead to unauthorized access to data...