5 matches found
CVE-2021-38412
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to...
Authentication flaw
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to...
CVE-2021-38412 Digi PortServer TS 16 Improper Authentication
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to...
Digi PortServer TS 访问控制错误漏洞
Digi PortServer TS is used by Digital Networks Malaysia Digi for easy serial to Ethernet connectivity. An Access Control Error vulnerability exists in Digi PortServer TS 16, which stems from properly formatted POST requests for multiple resources on the software's HTTP and HTTPS web servers that ...
Digi PortServer TS 16
1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Exploitable remotely/low attack complexity Vendor: Digi International, Inc. Equipment: PortServer TS 16 Vulnerability: Improper Authentication 2. RISK EVALUATION Successful exploitation of this vulnerability allows write access, which grants control of...