VYPR

Passport

by Digi International Inc

CVEs (2)

  • CVE-2022-26953HigApr 6, 2022
    risk 0.49cvss 7.5epss 0.02

    Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow. An attacker can supply a string in the page parameter for reboot.asp endpoint, allowing him to force an overflow when the string is concatenated to the HTML body.

  • CVE-2022-26952HigApr 6, 2022
    risk 0.49cvss 7.5epss 0.02

    Digi Passport Firmware through 1.5.1,1 is affected by a buffer overflow in the function for building the Location header string when an unauthenticated user is redirected to the authentication page.