IM
IronMonkey Threat Research
‹ Back to ICS Advisories

Digi International PortServer TS, Digi One SP IA

MEDIUM
CVSS 5.9
Date 2026-07-07T06:00:00+00:00
Source cisa-csaf
Published by CISA

// Description

Successful exploitation of these vulnerabilities could allow an attacker to bypass authentication and gain access to restricted resources, obtain credentials, and inject malicious scripts.

// Vulnerabilities (2)

CVE ID CVSS Score Severity Description
CVE-2026-12352 5.9 medium
The vulnerability allows an unauthenticated actor to bypass authentication and gain access to restricted resources on the device.
CVE-2026-12948 3.8 low
A stored cross-site scripting (XSS) vulnerability in the web management interface of the Digi PortServer TS, Digi One SP, Digi One SP IA, and Digi One IA allows a remote, authenticated administrator to inject script into certain system configuration fields. The script subsequently executes in the browser of a user who views the affected pages.

// Remediations (10)

Patch: For Digi PortServer TS: Enable HTTPS on the web server.
For Digi PortServer TS: Enable HTTPS on the web server.
Mitigation: Safeguard administrator credentials, since exploitation requires authenticated administrator access
Safeguard administrator credentials, since exploitation requires authenticated administrator access to write the affected fields.
Mitigation: Compensating control: If you cannot apply the HTTPS configuration, restrict access via firewall or V
Compensating control: If you cannot apply the HTTPS configuration, restrict access via firewall or VPN.
Patch: For Digi One SP / Digi One SP IA / Digi One IA: Disable the web server. If you cannot apply the HTTP
For Digi One SP / Digi One SP IA / Digi One IA: Disable the web server. If you cannot apply the HTTPS configuration, restrict access via firewall or VPN.
Mitigation: Digi International recommends users perform the following actions regarding XSS: Digi International
Digi International recommends users perform the following actions regarding XSS: Digi International will not provide a firmware fix for products affected by CVE-2026-12948, which are approaching end-of-life. Digi International recommends users upgrade to the Digi Connect EZ or Digi Connect EZ TS as a long-term solution.
Mitigation: The following deployment practices are the recommended means of reducing exposure: Deploy the device
The following deployment practices are the recommended means of reducing exposure: Deploy the device on a trusted network segment, not exposed to untrusted or public networks.
Mitigation: Alternatively, disable the web server when it is not actively being used for configuration.
Alternatively, disable the web server when it is not actively being used for configuration.
Mitigation: Place the device behind a firewall or VPN and restrict access to the web management interface to tru
Place the device behind a firewall or VPN and restrict access to the web management interface to trusted administrative hosts only.
Mitigation: Digi International recommends users upgrade to Digi Connect EZ or Digi Connect EZ TS as a long term
Digi International recommends users upgrade to Digi Connect EZ or Digi Connect EZ TS as a long term solution. If users are not able to upgrade at this time, the following actions should be taken:
Mitigation: For assistance users should contact Digi International's support team https://www.digi.com/support.
For assistance users should contact Digi International's support team https://www.digi.com/support.

// References