Vulnerabilites related to digi - transport_sr44_firmware
Vulnerability from fkie_nvd
Published
2021-12-10 13:15
Modified
2024-11-21 06:12
Severity ?
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc.
References
cve@mitre.orghttps://digi.comVendor Advisory
cve@mitre.orghttps://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txtThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://digi.comVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txtThird Party Advisory
Impacted products
Vendor Product Version
digi transport_dr64_firmware *
digi transport_dr64 -
digi transport_sr44_firmware *
digi transport_sr44 -
digi transport_vc74_firmware *
digi transport_vc74 -
digi transport_wr11_firmware *
digi transport_wr11 -
digi transport_wr11_xt_firmware *
digi transport_wr11_xt -
digi transport_wr21_firmware *
digi transport_wr21 -
digi transport_wr31_firmware *
digi transport_wr31 -
digi transport_wr41_firmware *
digi transport_wr41_firmware *
digi transport_wr41_firmware *
digi transport_wr41 -
digi transport_wr44_firmware *
digi transport_wr44 v2


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_dr64_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "52506872-BAFC-4A01-929F-FF5FFF506F8B",
              "versionEndIncluding": "5.2.4.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_dr64:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1AEA8387-7D13-459E-AB57-23623E585F58",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_sr44_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "91254B1B-B09F-406A-8CCD-357B585FE812",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_sr44:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5F7CE342-9785-4F57-932D-23650C6E84A2",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_vc74_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "C7BB2FB4-1978-476D-A41E-C6ECE4D08EBA",
              "versionEndIncluding": "5.2.4.9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_vc74:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BDD2C41-D47E-4433-A461-066FB167B042",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_wr11_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66D8D126-5210-4837-A0A2-51E7BA8B85C1",
              "versionEndIncluding": "8.2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_wr11:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8CBAC641-0471-4AC1-AB8B-8E56FE3E3333",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_wr11_xt_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "1070E773-F522-46F2-B9FE-B7477D78E5B7",
              "versionEndIncluding": "8.2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_wr11_xt:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "10850ACB-E28F-4AC7-ABA0-EDFF2D2F9EF6",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_wr21_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "66B28486-C8C9-42EE-8798-EB01E2AD730E",
              "versionEndIncluding": "8.2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_wr21:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "958AC18F-8C58-4BED-9ED7-AAAB722FE8B7",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_wr31_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "867CD9A1-BCE3-4627-B4B7-4E3202A55F36",
              "versionEndIncluding": "8.2.1.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_wr31:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC28ABA4-2794-4890-BFDC-416E155AB366",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_wr41_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "21F03CF2-89C3-4A3D-9565-4A5F6715A793",
              "versionEndIncluding": "5.2.4.6",
              "versionStartIncluding": "5.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digi:transport_wr41_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2B3E5EFF-94F4-4466-9F35-E4B6774BEA75",
              "versionEndIncluding": "6.1.3.5",
              "versionStartIncluding": "6.0.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:digi:transport_wr41_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F9368A8-B92B-47C0-BEAC-7D3EB33D3D85",
              "versionEndIncluding": "8.3.1.2",
              "versionStartIncluding": "8.0.0.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_wr41:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "D041514D-8E0A-4ABB-AC24-6C716F672390",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:digi:transport_wr44_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "3BD94312-4005-43EC-B2FA-F09289C3F078",
              "versionEndIncluding": "8.3.1.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:digi:transport_wr44:v2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81F8AF9D-B7B8-4BD7-8BA0-42A18C5EA298",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc."
    },
    {
      "lang": "es",
      "value": "Se ha detectado un problema en Digi TransPort DR64, SR44 VC74 y WR. El protocolo ZING permite una ejecuci\u00f3n arbitraria de comandos remotos con privilegios SUPER. Esto permite a un atacante (con conocimiento del protocolo) ejecutar c\u00f3digo arbitrario en el controlador, incluyendo la sobreescritura del firmware, la adici\u00f3n/eliminaci\u00f3n de usuarios, la deshabilitaci\u00f3n del firewall interno, etc"
    }
  ],
  "id": "CVE-2021-35978",
  "lastModified": "2024-11-21T06:12:52.670",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2021-12-10T13:15:07.620",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://digi.com"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://digi.com"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

CVE-2021-35978 (GCVE-0-2021-35978)
Vulnerability from cvelistv5
Published
2021-12-10 12:18
Modified
2024-08-04 00:47
Severity ?
CWE
  • n/a
Summary
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T00:47:42.627Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://digi.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-12-10T12:18:39",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://digi.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2021-35978",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://digi.com",
              "refsource": "MISC",
              "url": "https://digi.com"
            },
            {
              "name": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt",
              "refsource": "MISC",
              "url": "https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2021-35978",
    "datePublished": "2021-12-10T12:18:39",
    "dateReserved": "2021-06-30T00:00:00",
    "dateUpdated": "2024-08-04T00:47:42.627Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}