Vulnerabilities > Korenix > Critical

DATE CVE VULNERABILITY TITLE RISK
2024-01-09 CVE-2023-5347 Improper Verification of Cryptographic Signature vulnerability in Korenix products
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
network
low complexity
korenix CWE-347
critical
9.1
2024-01-09 CVE-2023-5376 Improper Authentication vulnerability in Korenix products
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
network
low complexity
korenix CWE-287
critical
9.1
2020-10-15 CVE-2020-12504 Hidden Functionality vulnerability in multiple products
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
network
low complexity
pepperl-fuchs korenix westermo CWE-912
critical
9.8
2020-10-15 CVE-2020-12501 Use of Hard-coded Credentials vulnerability in multiple products
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
network
low complexity
pepperl-fuchs korenix CWE-798
critical
9.8
2017-11-01 CVE-2017-14027 Use of Hard-coded Credentials vulnerability in Korenix products
A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1.
network
low complexity
korenix CWE-798
critical
9.8
2017-11-01 CVE-2017-14021 Use of Hard-coded Credentials vulnerability in Korenix products
A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1.
network
low complexity
korenix CWE-798
critical
9.8