CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

Search Vulnerabilities

Software

Searching vulnerabilities affecting “korenix”

11 vulnerabilities found for “korenix”

CVE-2023-5347

CRITICAL9.8

An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.

korenix / jetnet_5310g_firmware+43

Network

Published Jan 9, 2024

CVE-2023-5376

HIGH8.6

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

korenix / jetnet_5310g_firmware+43

Network

Published Jan 9, 2024

CVE-2023-23295

HIGH8.8

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.

korenix / jetwave_2212g_firmware+14

Network

Published Feb 23, 2023

CVE-2023-23294

HIGH8.8

Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.

korenix / jetwave_2212g_firmware+14

Network

Published Feb 23, 2023

CVE-2023-23296

MEDIUM6.5

Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

korenix / jetwave_2212g_firmware+14

Network

Published Feb 23, 2023

CVE-2021-39280

HIGH8.8

Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1, 3420 V3 before 1.5.1, and 2311 through 2022-01-31.

korenix / jetwave_2212s_firmware+5

Network

Published Feb 6, 2022

CVE-2020-12502

HIGH8.8

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration.

pepperl-fuchs / es7510-xt_firmware+24

Network

Published Oct 15, 2020

CVE-2020-12501

CRITICAL9.8

pepperl-fuchs / es7510-xt_firmware+25

Network

Published Oct 15, 2020

CVE-2020-12504

CRITICAL9.8

pepperl-fuchs / es7510-xt_firmware+28

Network