PT-2020-20305 · Digi · Digi Transport Wr44V2+2

Published

2020-02-10

Updated

2020-02-11

CVE-2020-8822

CVSS v3.1

4.8

Medium

Vector

AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Digi TransPort WR21 version 5.2.2.3 Digi TransPort WR44 version 5.1.6.4 Digi TransPort WR44v2 version 5.1.6.9

Description The issue allows stored XSS in the web application of the affected devices.

Recommendations For Digi TransPort WR21 version 5.2.2.3, update to a version that addresses the stored XSS issue. For Digi TransPort WR44 version 5.1.6.4, update to a version that addresses the stored XSS issue. For Digi TransPort WR44v2 version 5.1.6.9, update to a version that addresses the stored XSS issue.

Exploit

Fix

XSS

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-79

Related Identifiers

CVE-2020-8822

Affected Products

Digi Transport Wr21

Digi Transport Wr44

Digi Transport Wr44V2

PT-2020-20305 · Digi · Digi Transport Wr44V2+2

CVE-2020-8822

Weakness Enumeration

Related Identifiers

Affected Products

References · 3