Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Digi Subscribe
Filtered by product Passport Firmware
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-26953 1 Digi 2 Passport, Passport Firmware 2022-04-12 5.0 MEDIUM 7.5 HIGH
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.
CVE-2022-26952 1 Digi 2 Passport, Passport Firmware 2022-04-12 5.0 MEDIUM 7.5 HIGH
Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.