Security Advisory

CVE-2021-38412

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-09-17 19:07:49

Last updated 2024-09-17 00:06:58

Assigner icscert

State PUBLISHED

Description

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.

← Browse all CVEs View on cve.org ↗