Critical severity9.8NVD Advisory· Published Oct 8, 2021· Updated Jun 17, 2026
CVE-2021-36767
CVE-2021-36767
Description
In Digi RealPort through 4.10.490, authentication relies on a challenge-response mechanism that gives access to the server password, making the protection ineffective. An attacker may send an unauthenticated request to the server. The server will reply with a weakly-hashed version of the server's access password. The attacker may then crack this hash offline in order to successfully login to the server.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Digi/RealPortdescription
- Range: <=4.10.490
Patches
Vulnerability mechanics
References
1- raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-02.txtnvdThird Party Advisory
News mentions
0No linked articles in our index yet.