📦

passport

Vendor: digi

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 2 Remote Access

Total CVEs 3 Total Indexed

Avg. EPSS 0.67% Exploit Prob.

Latest CVE CVE-2023-4299 Aug 31

Security Vulnerability Index

Page 1 / 1

9.0 CVSS

CVE-2023-4299

Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.

EPSS: 0.02%

Severity: CRITICAL

Aug 31, 2023

7.5 CVSS

CVE-2022-26953

RCE

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.

EPSS: 0.66%

Severity: HIGH

Apr 06, 2022

7.5 CVSS

CVE-2022-26952

RCE

Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.

EPSS: 1.35%

Severity: HIGH

Apr 06, 2022

Displaying 3 of 3 Total Entries

Total 1 Sections