Vulnerabilities (CVE)

Filtered by vendor Korenix Subscribe
Filtered by product Jetwave 2212s
Total 7 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-23296 1 Korenix 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more 2024-11-21 N/A 6.5 MEDIUM
Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.
CVE-2023-23295 1 Korenix 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more 2024-11-21 N/A 8.8 HIGH
Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.
CVE-2023-23294 1 Korenix 29 Jetwave 2111, Jetwave 2111 Firmware, Jetwave 2111l and 26 more 2024-11-21 N/A 8.8 HIGH
Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.
CVE-2021-39280 1 Korenix 12 Jetwave 2212g, Jetwave 2212g Firmware, Jetwave 2212s and 9 more 2024-11-21 9.0 HIGH 8.8 HIGH
Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1, 3420 V3 before 1.5.1, and 2311 through 2022-01-31.
CVE-2020-12504 3 Korenix, Pepperl-fuchs, Westermo 58 Jetwave 2212g, Jetwave 2212g Firmware, Jetwave 2212s and 55 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
CVE-2020-12503 2 Korenix, Pepperl-fuchs 56 Jetnet 4510, Jetnet 4510 Firmware, Jetnet 4706 and 53 more 2024-11-21 6.5 MEDIUM 7.2 HIGH
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.
CVE-2020-12501 2 Korenix, Pepperl-fuchs 52 Jetnet4510 Firmware, Jetnet4706 Firmware, Jetnet4706f Firmware and 49 more 2024-11-21 7.5 HIGH 9.8 CRITICAL
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.