ReportizFlow
Filtered by vendor Digi
Subscriptions
Filtered by product One Iap Haz Firmware
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2021-36767 | 1 Digi | 37 6350-sr, 6350-sr Firmware, Cm and 34 more | 2024-11-21 | 9.8 Critical |
| In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server. | ||||
Page 1 of 1.