Vulnerabilities > Korenix > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-09 | CVE-2023-5347 | Improper Verification of Cryptographic Signature vulnerability in Korenix products An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01. | 9.1 |
| 2024-01-09 | CVE-2023-5376 | Improper Authentication vulnerability in Korenix products An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01. | 9.1 |
| 2022-02-06 | CVE-2021-39280 | Unspecified vulnerability in Korenix products Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. | 9.0 |
| 2020-10-15 | CVE-2020-12501 | Use of Hard-coded Credentials vulnerability in multiple products Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts. | 9.8 |
| 2017-11-01 | CVE-2017-14027 | Use of Hard-coded Credentials vulnerability in Korenix products A Use of Hard-coded Credentials issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. | 9.8 |
| 2017-11-01 | CVE-2017-14021 | Use of Hard-coded Credentials vulnerability in Korenix products A Use of Hard-coded Cryptographic Key issue was discovered in Korenix JetNet JetNet5018G version 1.4, JetNet5310G version 1.4a, JetNet5428G-2G-2FX version 1.4, JetNet5628G-R version 1.4, JetNet5628G version 1.4, JetNet5728G-24P version 1.4, JetNet5828G version 1.1d, JetNet6710G-HVDC version 1.1e, and JetNet6710G version 1.1. | 9.8 |
| 2012-08-21 | CVE-2012-4577 | Credentials Management vulnerability in Korenix Jetport The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session. | 10.0 |