Digi · Digi Portserver Ts 16 Rack · CVE-2021-38412
**Name of the Vulnerable Software and Affected Versions**
Digi PortServer TS 16 Rack device (affected versions not specified)
**Description**
The issue concerns the Digi PortServer TS 16 Rack device, where properly formatted POST requests to multiple resources on the HTTP and HTTPS web servers do not require authentication or authentication tokens. This could allow an attacker to enable the SNMP service and manipulate the community strings to achieve further control.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.