Auth bypass in Digi International One Iap

CVE-2025-3659

Improper authentication handling was identified in a set of HTTP POST requests affecting the following product families: * Digi PortServer TS - prior to and including 82000747_AA, build date 06/17/2022 * Digi One SP/Digi One SP I…

Vulnerability class: Broken Authentication

EPSS: 0.003 (18.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References