Vulnerabilities > Korenix > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-5347 Improper Verification of Cryptographic Signature vulnerability in Korenix products
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
network
low complexity
korenix CWE-347
critical
9.1
2024-01-09 CVE-2023-5376 Improper Authentication vulnerability in Korenix products
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
network
low complexity
korenix CWE-287
critical
9.1
2022-02-06 CVE-2021-39280 Unspecified vulnerability in Korenix products
Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp.
network
low complexity
korenix
critical
9.0
2020-10-15 CVE-2020-12501 Use of Hard-coded Credentials vulnerability in multiple products
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
network
low complexity
pepperl-fuchs korenix CWE-798
critical
9.8
2017-11-01 CVE-2017-14027 Use of Hard-coded Credentials vulnerability in Korenix products
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1.
network
low complexity
korenix CWE-798
critical
9.8
2017-11-01 CVE-2017-14021 Use of Hard-coded Credentials vulnerability in Korenix products
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1.
network
low complexity
korenix CWE-798
critical
9.8
2012-08-21 CVE-2012-4577 Credentials Management vulnerability in Korenix Jetport
The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.
network
low complexity
korenix CWE-255
critical
10.0