Unauthenticated Firmware Loading Vulnerability on Digi TransPort Devices

Unauthenticated Firmware Loading Vulnerability on Digi TransPort Devices

CVE-2021-37188 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

An issue was discovered on Digi TransPort devices through 2021-07-21. An authenticated attacker may load customized firmware (because the bootloader does not verify that it is authentic), changing the behavior of the gateway.

Learn more about our Web Application Penetration Testing UK.