cbcvebase.
CVE-2023-23296
published 2023-02-23

CVE-2023-23296: Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

PriorityP428medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
EPSS
0.80%
51.9th percentile
Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

Affected

15 ranges
VendorProductVersion rangeFixed in
korenixjetwave_2111_firmware< 1.51.5
korenixjetwave_2111l_firmware< 1.61.6
korenixjetwave_2114_firmware< 1.41.4
korenixjetwave_2211c_firmware< 1.61.6
korenixjetwave_2212g_firmware
korenixjetwave_2212s_firmware
korenixjetwave_2212x_firmware
korenixjetwave_2411_firmware< 1.51.5
korenixjetwave_2411l_firmware< 1.61.6
korenixjetwave_2414_firmware< 1.41.4
korenixjetwave_2424_firmware< 1.31.3
korenixjetwave_2460_firmware< 1.61.6
korenixjetwave_3220_v3_firmware< 1.71.7
korenixjetwave_3420_v3_firmware< 1.71.7
korenixjetwave_4221hp-e_firmware<= 1.3.0
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.