Digitus

digitus

5 CVEs • 3 products

Products (3)

Click to collapse

Toggle

Da 70254 Firmware

da-70254_firmware

CVEs (5)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-27105 1Digitus 1Inmailx Nov 21, 2024 Jul 26, 2022 N/A· v4 5.4 MEDIUM· v3 N/A· v2 InMailX Outlook Plugin < 3.22.0101 is vulnerable to Cross Site Scripting (XSS). InMailX Connection names are not sanitzed in the Outlook tab, which allows a local user or network administrator to execute HTML / Javascrip...Show more InMailX Outlook Plugin < 3.22.0101 is vulnerable to Cross Site Scripting (XSS). InMailX Connection names are not sanitzed in the Outlook tab, which allows a local user or network administrator to execute HTML / Javascript in the Outlook of users.Show less
CVE-2020-15065 1Digitus 1Da 70254 Firmware Nov 21, 2024 Aug 7, 2020 N/A· v4 6.5 MEDIUM· v3 6.1 MEDIUM· v2 DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to denial-of-service the device via long input values.
CVE-2020-15064 1Digitus 1Da 70254 Firmware Nov 21, 2024 Aug 7, 2020 N/A· v4 4.3 MEDIUM· v3 2.3 LOW· v2 DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to conduct persistent XSS attacks by leveraging administrative privileges to set a crafted server name.
CVE-2020-15063 1Digitus 1Da 70254 Firmware Nov 21, 2024 Aug 7, 2020 N/A· v4 8.8 HIGH· v3 8.3 HIGH· v2 DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to bypass authentication via a web-administration request that lacks a password parameter.
CVE-2020-15062 1Digitus 1Da 70254 Firmware Nov 21, 2024 Aug 7, 2020 N/A· v4 8.8 HIGH· v3 3.3 LOW· v2 DIGITUS DA-70254 4-Port Gigabit Network Hub 2.073.000.E0008 devices allow an attacker on the same network to elevate privileges because the administrative password can be discovered by sniffing unencrypted UDP traffic.