Jetwave 2212x Firmware

jetwave_2212x_firmware

Vendor: Korenix • 7 CVEs

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-23296 1Korenix 15Jetwave 2111 Firmware Jetwave 2111l FirmwareJetwave 2114 Firmware+12 more Mar 17, 2025 Feb 23, 2023 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.
CVE-2023-23295 1Korenix 15Jetwave 2111 Firmware Jetwave 2111l FirmwareJetwave 2114 Firmware+12 more Mar 17, 2025 Feb 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.
CVE-2023-23294 1Korenix 15Jetwave 2111 Firmware Jetwave 2111l FirmwareJetwave 2114 Firmware+12 more Nov 21, 2024 Feb 23, 2023 N/A· v4 8.8 HIGH· v3 N/A· v2 Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.
CVE-2021-39280 1Korenix 6Jetwave 2212g Firmware Jetwave 2212s FirmwareJetwave 2212x Firmware+3 more Nov 21, 2024 Feb 6, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1, 3420 V3 before 1.5...Show more Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9.1, 2212G before 1.8, 3220 V3 before 1.5.1, 3420 V3 before 1.5.1, and 2311 through 2022-01-31.Show less
CVE-2020-12504 3Korenix Pepperl FuchsWestermo 29Es7506 Firmware Es7510 Xt FirmwareEs7510 Firmware+26 more Nov 21, 2024 Oct 15, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and...Show more Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.Show less
CVE-2020-12503 2Korenix Pepperl Fuchs 28Es7506 Firmware Es7510 Xt FirmwareEs7510 Firmware+25 more Nov 21, 2024 Oct 15, 2020 N/A· v4 7.2 HIGH· v3 6.5 MEDIUM· v2 Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and...Show more Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.Show less
CVE-2020-12501 2Korenix Pepperl Fuchs 26Es7506 Firmware Es7510 Xt FirmwareEs7510 Firmware+23 more Nov 21, 2024 Oct 15, 2020 N/A· v4 9.8 CRITICAL· v3 7.5 HIGH· v2 Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use...Show more Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.Show less