An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may read a password file (with reversible passwords) from the device, which allows decoding of other users' passwords.
2021-12-10T13:15:07.667
2024-11-21T06:14:49.303
Modified
CVSSv3.1: 6.5 (MEDIUM)
AV:N/AC:L/Au:S/C:P/I:N/A:N
8.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | digi | transport_dr64_firmware | ≤ 5.2.4.9 | Yes |
| Hardware | digi | transport_dr64 | - | No |
| Operating System | digi | transport_dr64_firmware | - | Yes |
| Hardware | digi | transport_sr44 | - | No |
| Operating System | digi | transport_vc74_firmware | ≤ 5.2.4.9 | Yes |
| Hardware | digi | transport_vc74 | - | No |
| Operating System | digi | transport_wr11_firmware | ≤ 8.2.1.3 | Yes |
| Hardware | digi | transport_wr11 | - | No |
| Operating System | digi | transport_wr11_xt_firmware | ≤ 8.2.1.3 | Yes |
| Hardware | digi | transport_wr11_xt | - | No |
| Operating System | digi | transport_wr21_firmware | ≤ 8.2.1.3 | Yes |
| Hardware | digi | transport_wr21 | - | No |
| Operating System | digi | transport_wr31_firmware | ≤ 8.2.1.3 | Yes |
| Hardware | digi | transport_wr31 | - | No |
| Operating System | digi | transport_wr41_firmware | ≤ 5.2.4.6 | Yes |
| Operating System | digi | transport_wr41_firmware | ≤ 6.1.3.5 | Yes |
| Operating System | digi | transport_wr41_firmware | ≤ 8.3.1.2 | Yes |
| Hardware | digi | transport_wr41 | - | No |
| Operating System | digi | transport_wr44_firmware | ≤ 8.3.1.2 | Yes |
| Hardware | digi | transport_wr44 | v2 | No |