Korenix Jetwave 2111 Firmware vulnerabilities
3 known vulnerabilities affecting korenix/jetwave_2111_firmware.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
HIGH2MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2023-23295P1HIGHCVSS 8.8Exploitedfixed in 1.52023-02-23
CVE-2023-23295 [HIGH] CWE-77 CVE-2023-23295: Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection
Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.
nvd
CVE-2023-23294P2HIGHCVSS 8.8fixed in 1.52023-02-23
CVE-2023-23294 [HIGH] CWE-77 CVE-2023-23294: Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection.
Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.
nvd
CVE-2023-23296P4MEDIUMCVSS 6.5fixed in 1.52023-02-23
CVE-2023-23296 [MEDIUM] CWE-400 CVE-2023-23296: Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service
Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.
nvd