CVEDB API

Vulnerabilities

Vulnerable Software

Korenix: >> Jetwave 2212x Security Vulnerabilities

CVE-2023-23296

Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

CVSS Score

6.5

EPSS Score

0.001

Published

2023-02-23

CVE-2023-23294

Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.

CVSS Score

8.8

EPSS Score

0.013

Published

2023-02-23

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.

CVSS Score

8.8

EPSS Score

0.017

Published

2023-02-23

CVE-2021-39280

Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1, 3420 V3 before 1.5.1, and 2311 through 2022-01-31.

CVSS Score

8.8

EPSS Score

0.013

Published

2022-02-06

CVE-2020-12501

Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.

CVSS Score

9.8

EPSS Score

0.005

Published

2020-10-15

CVE-2020-12503

CVSS Score

7.2

EPSS Score

0.056

Published

2020-10-15

CVE-2020-12504

CVSS Score

9.8

EPSS Score

0.015

Published

2020-10-15

Page 1

Vulnerabilities

Vulnerable Software

Korenix: >> Jetwave 2212x Security Vulnerabilities

Products

Pricing

Contact Us