Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2021-38412

Properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers of the Digi PortServer TS 16 Rack device do not require authentication or authentication tokens. This vulnerability could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control in.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 37.2%
CVSS Severity
CVSS v3 Score 9.6
CVSS v2 Score 7.5
Products affected by CVE-2021-38412


Contact Us

Shodan ® - All rights reserved