40 matches found
EUVD-2021-23355
Malware in sbrugna...
EUVD-2021-22610
Malware in sbrugna...
EUVD-2021-22612
Malware in sbrugna...
EUVD-2023-54170
Malicious code in bioql PyPI...
CVE-2021-35977
An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response messages. This could result in arbitrary code execution...
CVE-2021-36767
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's...
CVE-2021-35979
An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not perform authentication...
CVE-2023-4299
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment...
CVE-2023-4299
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment...
Authentication flaw
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment...
CVE-2023-4299
CVE-2023-4299 describes a replay attack in Digi RealPort Protocol that can bypass authentication to access connected equipment. The vulnerability affects a wide range of Digi devices and software using RealPort, due to using a password hash instead of the actual password for authentication. The I...
CVE-2023-4299 Digi RealPort Protocol Use of Password Hash Instead of Password for Authentication
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment...
CVE-2023-4299 Digi RealPort Protocol Use of Password Hash Instead of Password for Authentication
Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment...
Digi RealPort Protocol
1. EXECUTIVE SUMMARY CVSS v3 9.0 ATTENTION: Exploitable remotely Vendor: Digi International, Inc. Equipment: Digi RealPort Protocol Vulnerability: Use of Password Hash Instead of Password for Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability could allow the...
PT-2023-5295 · Digi · Digi Realport
Name of the Vulnerable Software and Affected Versions: Digi RealPort affected versions not specified Description: The issue is related to the use of a password hash instead of the password itself for authentication, which can be exploited by an attacker to compromise the target system. It is also...
Digi RealPort 安全漏洞
Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol. A security vulnerability exists in the Digi RealPort Protocol that stems from vulnerability...
Digi RealPort has an unspecified vulnerability (CNVD-2021-103406)
Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. A security vulnerability exists in versions prior to Digi RealPort 4.8.488.0 due to a buffer overflow in the software's handling of ADDP discovery response messages, which could be exploited by an attacker to cause the executi...
Digi RealPort has an unspecified vulnerability
Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol.A security vulnerability exists in Digi RealPort that could be exploited by an attacker to...
Digi RealPort Licensing Issue Vulnerability
Digi RealPort is a proprietary Serial-over-LAN encapsulation protocol. It provides virtual connectivity to serial devices anywhere on the network by encapsulating ICS protocol data in a TCP-based protocol. Authentication is not performed. No details of the vulnerability are currently available...
CVE-2021-36767
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's...