3 matches found
CVE-2021-36767
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's...
CVE-2021-36767
creationtimestamp| type| source ---|---|--- 2021-10-08 18:40:14+00:00| seen| https://t.me/cibsecurity/30248...
CVE-2021-36767
Summary of CVE-2021-36767 (Digi RealPort) : Affected software is Digi RealPort up to version 4.10.490. The authentication uses a challenge-response mechanism that exposes access to the server password; an unauthenticated client can trigger the server to return a weakly-hashed version of the passw...