Логотип exploitDog
bind:CVE-2021-36767
Консоль
Логотип exploitDog

exploitDog

bind:CVE-2021-36767

Количество 2

Количество 2

nvd логотип

CVE-2021-36767

почти 4 года назад

In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.

CVSS3: 9.8
EPSS: Низкий
github логотип

GHSA-22vf-qc4p-vc3x

больше 3 лет назад

In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.

CVSS3: 9.8
EPSS: Низкий

Уязвимостей на страницу

Уязвимость
CVSS
EPSS
Опубликовано
nvd логотип
CVE-2021-36767

In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.

CVSS3: 9.8
0%
Низкий
почти 4 года назад
github логотип
GHSA-22vf-qc4p-vc3x

In Digi RealPort through 4.8.488.0, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.

CVSS3: 9.8
0%
Низкий
больше 3 лет назад

Уязвимостей на страницу