An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows arbitrary remote command execution with SUPER privileges. This allows an attacker (with knowledge of the protocol) to execute arbitrary code on the controller including overwriting firmware, adding/removing users, disabling the internal firewall, etc.

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

AV:N/AC:L/Au:N/C:C/I:C/A:C
Vendors Products
Digi
  • Transport Wr11
  • Transport Vc74 Firmware
  • Transport Wr41
  • Transport Wr11 Xt Firmware
  • Transport Dr64 Firmware
  • Transport Wr31 Firmware
  • Transport Sr44
  • Transport Sr44 Firmware
  • Transport Wr21
  • Transport Vc74
  • Transport Wr11 Firmware
  • Transport Wr11 Xt
  • Transport Wr31
  • Transport Wr44
  • Transport Wr44 Firmware
  • Transport Wr21 Firmware
  • Transport Dr64
  • Transport Wr41 Firmware

Configuration 1 [-]

AND
cpe:2.3:o:digi:transport_dr64_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_dr64:-:*:*:*:*:*:*:*

Configuration 2 [-]

AND
cpe:2.3:o:digi:transport_sr44_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_sr44:-:*:*:*:*:*:*:*

Configuration 3 [-]

AND
cpe:2.3:o:digi:transport_vc74_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_vc74:-:*:*:*:*:*:*:*

Configuration 4 [-]

AND
cpe:2.3:o:digi:transport_wr11_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_wr11:-:*:*:*:*:*:*:*

Configuration 5 [-]

AND
cpe:2.3:o:digi:transport_wr11_xt_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_wr11_xt:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND
cpe:2.3:o:digi:transport_wr21_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_wr21:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND
cpe:2.3:o:digi:transport_wr31_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_wr31:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND
OR cpe:2.3:o:digi:transport_wr41_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:digi:transport_wr41_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:digi:transport_wr41_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_wr41:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND
cpe:2.3:o:digi:transport_wr44_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:digi:transport_wr44:v2:*:*:*:*:*:*:*
References
Link Resource
https://digi.com Vendor Advisory
https://raw.githubusercontent.com/reidmefirst/vuln-disclosure/main/2021-04.txt Third Party Advisory
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2021-12-10T12:18:39

Updated: 2021-12-10T12:18:39

Reserved: 2021-06-30T00:00:00

Link: CVE-2021-35978

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2021-12-10T13:15:07.620

Modified: 2021-12-14T17:00:02.700

Link: CVE-2021-35978

JSON object: View

cve-icon Redhat Information

No data.

CWE