Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Digi PortServer TS 16 Improper Authentication
Vulnerability Description
Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
Digi PortServer TS 访问控制错误漏洞
Vulnerability Description
Digi PortServer TS是马来西亚数码网络(Digi)公司的用于轻松的串行到以太网连接。 Digi PortServer TS 16存在访问控制错误漏洞,该漏洞源于软件的HTTP和HTTPS web服务器上的多个资源正确格式化的POST请求不需要认证或认证令牌。此漏洞允许攻击者可利用该漏洞启用SNMP服务并操纵社区字符串以实现进一步控制。
CVSS Information
N/A
Vulnerability Type
N/A