Lucene search
+L

330 matches found

cvelist
cvelist
added 2020/05/21 7:13 p.m.21 views

CVE-2017-18868

Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...

7.7AI score0.00791EPSS
Exploits0References1
cve
cve
added 2020/05/21 7:13 p.m.45 views

CVE-2017-18868

CVE-2017-18868 relates to Digi XBee 2 devices, where the network stack underpinning ZigBee enables an attacker to issue remote AT commands due to an ineffective protection mechanism. The vulnerability can impact integrity and availability (I: Partial, A: Partial) with no confidentiality impact de...

7.7CVSS7.6AI score0.00791EPSS
Exploits0References1Affected Software1
osv
osv
added 2020/02/13 12:15 a.m.5 views

CVE-2020-6973

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition...

6.2CVSS6.4AI score0.00831EPSS
Exploits0References1
prion
prion
added 2020/02/13 12:15 a.m.16 views

Cross site scripting

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition...

6.3CVSS6.1AI score0.00831EPSS
Exploits0References1Affected Software2
nvd
nvd
added 2020/02/12 11:15 p.m.19 views

CVE-2020-6975

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...

4.9CVSS5.4AI score0.00789EPSS
Exploits0References1
osv
osv
added 2020/02/12 11:15 p.m.8 views

CVE-2020-6975

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...

4.9CVSS5.8AI score0.00789EPSS
Exploits0References1
prion
prion
added 2020/02/12 11:15 p.m.16 views

Design/Logic Flaw

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...

4CVSS5.3AI score0.00789EPSS
Exploits0References1Affected Software2
cve
cve
added 2020/02/12 11:1 p.m.93 views

CVE-2020-6973

CVE-2020-6973 affects Digi International ConnectPort LTS 32 MEI with firmware 1.4.3 (bios 1.2). The advisory documents multiple cross-site scripting vulnerabilities that could lead to a denial-of-service condition. Affected product: ConnectPort LTS 32 MEI (firmware 1.4.3). Root cause: improper ha...

6.3CVSS6.1AI score0.00831EPSS
Exploits0References1Affected Software2
cve
cve
added 2020/02/12 11:0 p.m.76 views

CVE-2020-6975

CVE-2020-6975 affects Digi International ConnectPort LTS 32 MEI (firmware 1.4.3, 82002228_K 08/09/2018; BIOS 1.2). The vulnerability allows unrestricted upload of a file with a dangerous type to the application (CWE-434). Technical details from multiple sources confirm the affected product, versi...

4.9CVSS5.1AI score0.00789EPSS
Exploits0References1Affected Software2
cvelist
cvelist
added 2020/02/12 11:0 p.m.23 views

CVE-2020-6975

Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...

5.1AI score0.00789EPSS
Exploits0References1
ics
ics
added 2020/02/11 12:0 a.m.62 views

Digi ConnectPort LTS 32 MEI

1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Digi International Equipment : ConnectPort LTS 32 MEI Vulnerabilities : Unrestricted Upload of File with Dangerous Type, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these...

6.3CVSS6.2AI score0.00831EPSS
Exploits0References5
nvd
nvd
added 2020/02/10 2:15 a.m.19 views

CVE-2020-8822

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...

4.8CVSS5AI score0.00564EPSS
Exploits1References1
osv
osv
added 2020/02/10 2:15 a.m.3 views

CVE-2020-8822

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...

4.8CVSS5.8AI score0.00564EPSS
Exploits1References1
prion
prion
added 2020/02/10 2:15 a.m.16 views

Cross site scripting

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...

3.5CVSS4.9AI score0.00564EPSS
Exploits1References1Affected Software2
cve
cve
added 2020/02/10 1:52 a.m.105 views

CVE-2020-8822

The CVE-2020-8822 entry concerns Digi TransPort devices (WR21 5.2.2.3; WR44 5.1.6.4; WR44v2 5.1.6.9) with a reported stored XSS vulnerability in the web application. Connected documents consistently reference the same affected models and versions, and describe the issue as stored XSS but do not p...

4.8CVSS4.9AI score0.00564EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2020/02/10 1:52 a.m.29 views

CVE-2020-8822

Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...

5AI score0.00564EPSS
Exploits1References1
cnvd
cnvd
added 2020/01/14 12:0 a.m.4 views

Digi AnywhereUSB 14 XSS Injection Vulnerability

The AnywhereUSB product is a network-enabled USB hub that allows USB devices to be connected in any LAN. Digi AnywhereUSB 14 suffers from an XSS injection vulnerability, which could be exploited by an attacker to conduct an xss attack against the corresponding program to obtain other information ...

6.1CVSS6.4AI score0.02402EPSS
Exploits5References1
packetstorm
packetstorm
added 2020/01/13 12:0 a.m.133 views

Digi AnywhereUSB 14 Cross Site Scripting

Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Date: 2019-11-10 Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 PoC GET...

4.3CVSS0.2AI score0.02402EPSS
Exploits5
zdt
zdt
added 2020/01/13 12:0 a.m.108 views

Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Vulnerability

Exploit for php platform in category web applications Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 P...

4.3CVSS0.2AI score0.02402EPSS
Exploits5
exploitpack
exploitpack
added 2020/01/13 12:0 a.m.100 views

Digi AnywhereUSB 14 - Reflective Cross-Site Scripting

Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Date: 2019-11-10 Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE :...

4.3CVSS0.5AI score0.02402EPSS
Exploits5
Rows per page
Query Builder