330 matches found
CVE-2017-18868
Digi XBee 2 devices do not have an effective protection mechanism against remote AT commands, because of issues related to the network stack upon which the ZigBee protocol is built...
CVE-2017-18868
CVE-2017-18868 relates to Digi XBee 2 devices, where the network stack underpinning ZigBee enables an attacker to issue remote AT commands due to an ineffective protection mechanism. The vulnerability can impact integrity and availability (I: Partial, A: Partial) with no confidentiality impact de...
CVE-2020-6973
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition...
Cross site scripting
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Multiple cross-site scripting vulnerabilities exist that could allow an attacker to cause a denial-of-service condition...
CVE-2020-6975
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...
CVE-2020-6975
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...
Design/Logic Flaw
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...
CVE-2020-6973
CVE-2020-6973 affects Digi International ConnectPort LTS 32 MEI with firmware 1.4.3 (bios 1.2). The advisory documents multiple cross-site scripting vulnerabilities that could lead to a denial-of-service condition. Affected product: ConnectPort LTS 32 MEI (firmware 1.4.3). Root cause: improper ha...
CVE-2020-6975
CVE-2020-6975 affects Digi International ConnectPort LTS 32 MEI (firmware 1.4.3, 82002228_K 08/09/2018; BIOS 1.2). The vulnerability allows unrestricted upload of a file with a dangerous type to the application (CWE-434). Technical details from multiple sources confirm the affected product, versi...
CVE-2020-6975
Digi International ConnectPort LTS 32 MEI, Firmware Version 1.4.3 82002228K 08/09/2018, bios Version 1.2. Successful exploitation of this vulnerability could allow an attacker to upload a malicious file to the application...
Digi ConnectPort LTS 32 MEI
1. EXECUTIVE SUMMARY CVSS v3 2.4 ATTENTION : Exploitable remotely/low skill level to exploit Vendor : Digi International Equipment : ConnectPort LTS 32 MEI Vulnerabilities : Unrestricted Upload of File with Dangerous Type, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these...
CVE-2020-8822
Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...
CVE-2020-8822
Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...
Cross site scripting
Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...
CVE-2020-8822
The CVE-2020-8822 entry concerns Digi TransPort devices (WR21 5.2.2.3; WR44 5.1.6.4; WR44v2 5.1.6.9) with a reported stored XSS vulnerability in the web application. Connected documents consistently reference the same affected models and versions, and describe the issue as stored XSS but do not p...
CVE-2020-8822
Digi TransPort WR21 5.2.2.3, WR44 5.1.6.4, and WR44v2 5.1.6.9 devices allow stored XSS in the web application...
Digi AnywhereUSB 14 XSS Injection Vulnerability
The AnywhereUSB product is a network-enabled USB hub that allows USB devices to be connected in any LAN. Digi AnywhereUSB 14 suffers from an XSS injection vulnerability, which could be exploited by an attacker to conduct an xss attack against the corresponding program to obtain other information ...
Digi AnywhereUSB 14 Cross Site Scripting
Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Date: 2019-11-10 Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 PoC GET...
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE : CVE-2019-18859 P...
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting
Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Exploit Title: Digi AnywhereUSB 14 - Reflective Cross-Site Scripting Date: 2019-11-10 Exploit Author: Raspina Net Pars Group Vendor Homepage: https://www.digi.com/products/networking/usb-connectivity/usb-over-ip/awusb Version: 1.93.21.19 CVE :...