Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.1
CVSSv3

CVE-2023-5347

Published: 09/01/2024 Updated: 17/01/2024
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Jetnet 5310g Firmware

Vulnerability Summary

An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.

Vulnerable Product Search on Vulmon Subscribe to Product

korenix jetnet_5310g_firmware 2.6

korenix jetnet_4508_firmware 2.3

korenix jetnet_4508i-w_firmware 1.3

korenix jetnet_4508-w_firmware 2.3

korenix jetnet_4508if-s_firmware 1.3

korenix jetnet_4508if-m_firmware 1.3

korenix jetnet_4508if-sw_firmware 1.3

korenix jetnet_4508if-mw_firmware 1.3

korenix jetnet_4508f-m_firmware 2.3

korenix jetnet_4508f-s_firmware 2.3

korenix jetnet_4508f-mw_firmware 2.3

korenix jetnet_4508f-sw_firmware 2.3

korenix jetnet_5620g-4c_firmware 1.1

korenix jetnet_5612gp-4f_firmware 1.2

korenix jetnet_5612g-4f_firmware 1.2

korenix jetnet_5728g-24p-ac-2dc-us_firmware 2.1

korenix jetnet_5728g-24p-ac-2dc-eu_firmware 2.1

korenix jetnet_6528gf-2ac-eu_firmware 1.0

korenix jetnet_6528gf-2ac-us_firmware 1.0

korenix jetnet_6528gf-2dc24_firmware 1.0

korenix jetnet_6528gf-2dc48_firmware 1.0

korenix jetnet_6528gf-ac-eu_firmware 1.0

korenix jetnet_6528gf-ac-us_firmware 1.0

korenix jetnet_6628xp-4f-us_firmware 1.1

korenix jetnet_6628x-4f-eu_firmware 1.0

korenix jetnet_6728g-24p-ac-2dc-us_firmware 1.1

korenix jetnet_6728g-24p-ac-2dc-eu_firmware 1.1

korenix jetnet_6828gf-2dc48_firmware 1.0

korenix jetnet_6828gf-2dc24_firmware 1.0

korenix jetnet_6828gf-ac-dc24-us_firmware 1.0

korenix jetnet_6828gf-2ac-us_firmware 1.0

korenix jetnet_6828gf-ac-us_firmware 1.0

korenix jetnet_6828gf-2ac-au_firmware 1.0

korenix jetnet_6828gf-ac-dc24-eu_firmware 1.0

korenix jetnet_6828gf-2ac-eu_firmware 1.0

korenix jetnet_6910g-m12_hvdc_firmware 1.0

korenix jetnet_7310g-v2_firmware 1.0

korenix jetnet_7628xp-4f-us_firmware 1.0

korenix jetnet_7628xp-4f-us_firmware 1.1

korenix jetnet_7628xp-4f-eu_firmware 1.0

korenix jetnet_7628xp-4f-eu_firmware 1.1

korenix jetnet_7628x-4f-us_firmware 1.0

korenix jetnet_7628x-4f-eu_firmware 1.0

korenix jetnet_7714g-m12_hvdc_firmware 1.0

Exploits

Exploit DB: Korenix JetNet Series Unauthenticated Access
Korenix JetNet Series allows TFTP without authentication and also allows for unauthenticated firmware upgrades ...

Mailing Lists

Full Disclosure: CyberDanube Security Research 20240109-0 | Multiple Vulnerabilities in JetNet Series
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CyberDanube Security Research 20240109-0 | Multiple Vulnerabilities in JetNet Series <!--X-Subject-Header-End--> <!--X ...

References

CWE-347https://www.beijerelectronics.com/en/support/Help___online?docId=69947https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/http://seclists.org/fulldisclosure/2024/Jan/11http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site request forgeryCVE-2024-34351CVE-2024-1076CVE-2024-25522CVE-2024-34547CVE-2024-4644unauthorizedremoteCVE-2024-4671
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook