Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.1
CVSSv3

CVE-2023-5376

Published: 09/01/2024 Updated: 17/01/2024
CVSS v3 Base Score: 9.1 | Impact Score: 5.2 | Exploitability Score: 3.9
VMScore: 0
Subscribe to Korenix

Vulnerability Summary

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

Vulnerable Product Search on Vulmon Subscribe to Product

korenix jetnet_5310g_firmware 2.6

korenix jetnet_4508_firmware 2.3

korenix jetnet_4508i-w_firmware 1.3

korenix jetnet_4508-w_firmware 2.3

korenix jetnet_4508if-s_firmware 1.3

korenix jetnet_4508if-m_firmware 1.3

korenix jetnet_4508if-sw_firmware 1.3

korenix jetnet_4508if-mw_firmware 1.3

korenix jetnet_4508f-m_firmware 2.3

korenix jetnet_4508f-s_firmware 2.3

korenix jetnet_4508f-mw_firmware 2.3

korenix jetnet_4508f-sw_firmware 2.3

korenix jetnet_5620g-4c_firmware 1.1

korenix jetnet_5612gp-4f_firmware 1.2

korenix jetnet_5612g-4f_firmware 1.2

korenix jetnet_5728g-24p-ac-2dc-us_firmware 2.1

korenix jetnet_5728g-24p-ac-2dc-eu_firmware 2.1

korenix jetnet_6528gf-2ac-eu_firmware 1.0

korenix jetnet_6528gf-2ac-us_firmware 1.0

korenix jetnet_6528gf-2dc24_firmware 1.0

korenix jetnet_6528gf-2dc48_firmware 1.0

korenix jetnet_6528gf-ac-eu_firmware 1.0

korenix jetnet_6528gf-ac-us_firmware 1.0

korenix jetnet_6628xp-4f-us_firmware 1.1

korenix jetnet_6628x-4f-eu_firmware 1.0

korenix jetnet_6728g-24p-ac-2dc-us_firmware 1.1

korenix jetnet_6728g-24p-ac-2dc-eu_firmware 1.1

korenix jetnet_6828gf-2dc48_firmware 1.0

korenix jetnet_6828gf-2dc24_firmware 1.0

korenix jetnet_6828gf-ac-dc24-us_firmware 1.0

korenix jetnet_6828gf-2ac-us_firmware 1.0

korenix jetnet_6828gf-ac-us_firmware 1.0

korenix jetnet_6828gf-2ac-au_firmware 1.0

korenix jetnet_6828gf-ac-dc24-eu_firmware 1.0

korenix jetnet_6828gf-2ac-eu_firmware 1.0

korenix jetnet_6910g-m12_hvdc_firmware 1.0

korenix jetnet_7310g-v2_firmware 1.0

korenix jetnet_7628xp-4f-us_firmware 1.0

korenix jetnet_7628xp-4f-us_firmware 1.1

korenix jetnet_7628xp-4f-eu_firmware 1.0

korenix jetnet_7628xp-4f-eu_firmware 1.1

korenix jetnet_7628x-4f-us_firmware 1.0

korenix jetnet_7628x-4f-eu_firmware 1.0

korenix jetnet_7714g-m12_hvdc_firmware 1.0

Exploits

Exploit DB: Korenix JetNet Series Unauthenticated Access
Korenix JetNet Series allows TFTP without authentication and also allows for unauthenticated firmware upgrades ...

Mailing Lists

Full Disclosure: CyberDanube Security Research 20240109-0 | Multiple Vulnerabilities in JetNet Series
<!--X-Body-Begin--> <!--X-User-Header--> Full Disclosure mailing list archives <!--X-User-Header-End--> <!--X-TopPNI--> By Date By Thread </form> <!--X-TopPNI-End--> <!--X-MsgBody--> <!--X-Subject-Header-Begin--> CyberDanube Security Research 20240109-0 | Multiple Vulnerabilities in JetNet Series <!--X-Subject-Header-End--> <!--X ...

References

CWE-287https://www.beijerelectronics.com/en/support/Help___online?docId=69947https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/http://seclists.org/fulldisclosure/2024/Jan/11http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32886insecure direct object referenceCVE-2024-34342file inclusionCVE-2024-34562CVE-2024-34347CVE-2024-26026CVE-2024-4647unprivileged
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook