Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://us-cert.cisa.gov/ics/advisories/icsa-21-257-01 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: icscert
Published: 2021-09-17T19:07:49.497542Z
Updated: 2024-09-17T00:06:58.547Z
Reserved: 2021-08-10T00:00:00
Link: CVE-2021-38412
Vulnrichment
No data.
NVD
Status : Modified
Published: 2021-09-17T20:15:07.647
Modified: 2024-11-21T06:17:02.130
Link: CVE-2021-38412
Redhat
No data.