CVE-2023-23294
published 2023-02-23CVE-2023-23294: Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute…
PriorityP262high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
2.69%
84.0th percentile
Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| korenix | jetwave_2111_firmware | < 1.5 | 1.5 |
| korenix | jetwave_2111l_firmware | < 1.6 | 1.6 |
| korenix | jetwave_2114_firmware | < 1.4 | 1.4 |
| korenix | jetwave_2211c_firmware | < 1.6 | 1.6 |
| korenix | jetwave_2212g_firmware | — | — |
| korenix | jetwave_2212s_firmware | — | — |
| korenix | jetwave_2212x_firmware | — | — |
| korenix | jetwave_2411_firmware | < 1.5 | 1.5 |
| korenix | jetwave_2411l_firmware | < 1.6 | 1.6 |
| korenix | jetwave_2414_firmware | < 1.4 | 1.4 |
| korenix | jetwave_2424_firmware | < 1.3 | 1.3 |
| korenix | jetwave_2460_firmware | < 1.6 | 1.6 |
| korenix | jetwave_3220_v3_firmware | < 1.7 | 1.7 |
| korenix | jetwave_3420_v3_firmware | < 1.7 | 1.7 |
| korenix | jetwave_4221hp-e_firmware | <= 1.3.0 | — |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for HTTP requests targeting the file_name parameter on Korenix JetWave devices; injection of shell metacharacters into this parameter enables root command execution. ↗
- →Monitor for POST requests to /goform/formSysCmd on Korenix JetWave devices; manipulation of the sysCmd parameter is the attack vector for a related root command injection (CVE-2023-23295). ↗
- →Monitor for POST requests to /goform/formDefault on Korenix JetWave devices; this endpoint can be abused to crash the web service (CVE-2023-23296). ↗
- ·CVE-2023-23294 requires low-privilege authenticated access (PR:L); exploitation is not possible without valid credentials, but the attack is remotely exploitable with low complexity. ↗
- ·No known public exploits specifically target these vulnerabilities at time of advisory publication. ↗
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-592f-9p68-85hv: Korenix JetWave 4200 Series 1
ghsa_unreviewed·2023-02-24
CVE-2023-23294 [HIGH] CWE-77 GHSA-592f-9p68-85hv: Korenix JetWave 4200 Series 1
Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.
CISA ICS
Korenix Jetwave
cisa_ics·2023-04-06·CVSS 8.8
[HIGH] Korenix Jetwave
ICS Advisory
##
Korenix Jetwave
Release DateApril 06, 2023
Alert CodeICSA-23-096-04
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Korenix
- Equipment: Jetwave
- Vulnerabilities: Command Injection, Uncontrolled Resource Consumption
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could allow an attacker to gain full access to the underlying operating system of the device or cause a denial-of-service condition.
## 3. TECHNICAL DETAILS
## 3.1 AFFECTED PRODUCTS
The following versions of Korenix Jetwave, are affected:
- Korenix JetWave4221 HP-E versions V1.3.0 and prior
- Korenix JetWave 3220/3420 V3 versions prior to V1.7
- Korenix JetWave 2212G version V1.3.T
- Korenix JetWa
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2023-02-23
Published