Vulnerabilities > Korenix
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-03-12 | CVE-2019-9725 | Cross-site Scripting vulnerability in Korenix products The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial Setting. | 6.1 |
2017-11-01 | CVE-2017-14027 | Use of Hard-coded Credentials vulnerability in Korenix products A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. | 9.8 |
2017-11-01 | CVE-2017-14021 | Use of Hard-coded Credentials vulnerability in Korenix products A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. | 9.8 |
2012-08-21 | CVE-2012-4577 | Credentials Management vulnerability in Korenix Jetport The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session. | 10.0 |