korenix

jetwave_3420_v3__firmware

3 known vulnerabilities · sorted by CVSS score

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.

korenix / jetwave_2212g_firmware+14

Network

Published Feb 23, 2023

CVE-2023-23294

HIGH8.8

Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.

korenix / jetwave_2212g_firmware+14

Network

Published Feb 23, 2023

CVE-2023-23296

MEDIUM6.5

Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

korenix / jetwave_2212g_firmware+14

Network

Published Feb 23, 2023