Digi Transport Wr11 Xt Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Digi Transport Wr11 Xt Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (8)
CVE-2021-36767 — CVSS 9.8 (critical): In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making…
CVE-2021-35978 — CVSS 9.8 (critical): An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER…
CVE-2021-35977 — CVSS 9.8 (critical): An issue was discovered in Digi RealPort for Windows through 4.8.488.0. A buffer overflow exists in the handling of ADDP discovery response…
CVE-2023-4299 — CVSS 9.0 (critical): Digi RealPort Protocol is vulnerable to a replay attack that may allow an attacker to bypass authentication to access connected equipment.
CVE-2021-37188 — CVSS 8.8 (high): An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may load customized firmware (because the…
CVE-2021-35979 — CVSS 8.1 (high): An issue was discovered in Digi RealPort through 4.8.488.0. The 'encrypted' mode is vulnerable to man-in-the-middle attacks and does not…
CVE-2021-37189 — CVSS 7.5 (high): An issue was discovered on Digi TransPort Gateway devices through 5.2.13.4. They do not set the Secure attribute for sensitive cookies in…
CVE-2021-37187 — CVSS 6.5 (medium): An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file (with reversible…