Lucene search

CyberDanubeCVE-2023-5376

HistoryJan 09, 2024 - 10:15 a.m.

CVE-2023-5376

2024-01-0910:15:22

CWE-287

CyberDanube

web.nvd.nist.gov

cve-2023-5376

improper authentication

korenix jetnet

tftp

vulnerability

security

nvd

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.3

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

Affected configurations

Nvd

Node

korenixjetnet_5310gMatch-

AND

korenixjetnet_5310g_firmwareMatch2.6

Node

korenixjetnet_4508Match-

AND

korenixjetnet_4508_firmwareMatch2.3

Node

korenixjetnet_4508i-wMatch-

AND

korenixjetnet_4508i-w_firmwareMatch1.3

Node

korenixjetnet_4508-wMatch-

AND

korenixjetnet_4508-w_firmwareMatch2.3

Node

korenixjetnet_4508if-sMatch-

AND

korenixjetnet_4508if-s_firmwareMatch1.3

Node

korenixjetnet_4508if-mMatch-

AND

korenixjetnet_4508if-m_firmwareMatch1.3

Node

korenixjetnet_4508if-swMatch-

AND

korenixjetnet_4508if-sw_firmwareMatch1.3

Node

korenixjetnet_4508if-mwMatch-

AND

korenixjetnet_4508if-mw_firmwareMatch1.3

Node

korenixjetnet_4508f-m_firmwareMatch2.3

AND

korenixjetnet_4508f-mMatch-

Node

korenixjetnet_4508f-s_firmwareMatch2.3

AND

korenixjetnet_4508f-sMatch-

Node

korenixjetnet_4508f-mw_firmwareMatch2.3

AND

korenixjetnet_4508f-mwMatch-

Node

korenixjetnet_4508f-sw_firmwareMatch2.3

AND

korenixjetnet_4508f-swMatch-

Node

korenixjetnet_5620g-4c_firmwareMatch1.1

AND

korenixjetnet_5620g-4cMatch-

Node

korenixjetnet_5612gp-4f_firmwareMatch1.2

AND

korenixjetnet_5612gp-4fMatch-

Node

korenixjetnet_5612g-4f_firmwareMatch1.2

AND

korenixjetnet_5612g-4fMatch-

Node

korenixjetnet_5728g-24p-ac-2dc-us_firmwareMatch2.1

AND

korenixjetnet_5728g-24p-ac-2dc-usMatch-

Node

korenixjetnet_5728g-24p-ac-2dc-eu_firmwareMatch2.1

AND

korenixjetnet_5728g-24p-ac-2dc-euMatch-

Node

korenixjetnet_6528gf-2ac-eu_firmwareMatch1.0

AND

korenixjetnet_6528gf-2ac-euMatch-

Node

korenixjetnet_6528gf-2ac-us_firmwareMatch1.0

AND

korenixjetnet_6528gf-2ac-usMatch-

Node

korenixjetnet_6528gf-2dc24_firmwareMatch1.0

AND

korenixjetnet_6528gf-2dc24Match-

Node

korenixjetnet_6528gf-2dc48_firmwareMatch1.0

AND

korenixjetnet_6528gf-2dc48Match-

Node

korenixjetnet_6528gf-ac-eu_firmwareMatch1.0

AND

korenixjetnet_6528gf-ac-euMatch-

Node

korenixjetnet_6528gf-ac-us_firmwareMatch1.0

AND

korenixjetnet_6528gf-ac-usMatch-

Node

korenixjetnet_6628xp-4f-us_firmwareMatch1.1

AND

korenixjetnet_6628xp-4f-usMatch-

Node

korenixjetnet_6628x-4f-eu_firmwareMatch1.0

AND

korenixjetnet_6628x-4f-euMatch-

Node

korenixjetnet_6728g-24p-ac-2dc-us_firmwareMatch1.1

AND

korenixjetnet_6728g-24p-ac-2dc-usMatch-

Node

korenixjetnet_6728g-24p-ac-2dc-eu_firmwareMatch1.1

AND

korenixjetnet_6728g-24p-ac-2dc-euMatch-

Node

korenixjetnet_6828gf-2dc48_firmwareMatch1.0

AND

korenixjetnet_6828gf-2dc48Match-

Node

korenixjetnet_6828gf-2dc24_firmwareMatch1.0

AND

korenixjetnet_6828gf-2dc24Match-

Node

korenixjetnet_6828gf-ac-dc24-us_firmwareMatch1.0

AND

korenixjetnet_6828gf-ac-dc24-usMatch-

Node

korenixjetnet_6828gf-2ac-us_firmwareMatch1.0

AND

korenixjetnet_6828gf-2ac-usMatch-

Node

korenixjetnet_6828gf-ac-us_firmwareMatch1.0

AND

korenixjetnet_6828gf-ac-usMatch-

Node

korenixjetnet_6828gf-2ac-au_firmwareMatch1.0

AND

korenixjetnet_6828gf-2ac-auMatch-

Node

korenixjetnet_6828gf-ac-dc24-eu_firmwareMatch1.0

AND

korenixjetnet_6828gf-ac-dc24-euMatch-

Node

korenixjetnet_6828gf-2ac-eu_firmwareMatch1.0

AND

korenixjetnet_6828gf-2ac-euMatch-

Node

korenixjetnet_6910g-m12_hvdc_firmwareMatch1.0

AND

korenixjetnet_6910g-m12_hvdcMatch-

Node

korenixjetnet_7310g-v2_firmwareMatch1.0

AND

korenixjetnet_7310g-v2Match-

Node

korenixjetnet_7628xp-4f-us_firmwareMatch1.0

AND

korenixjetnet_7628xp-4f-usMatch-

Node

korenixjetnet_7628xp-4f-us_firmwareMatch1.1

AND

korenixjetnet_7628xp-4f-usMatch-

Node

korenixjetnet_7628xp-4f-eu_firmwareMatch1.0

AND

korenixjetnet_7628xp-4f-euMatch-

Node

korenixjetnet_7628xp-4f-eu_firmwareMatch1.1

AND

korenixjetnet_7628xp-4f-euMatch-

Node

korenixjetnet_7628x-4f-us_firmwareMatch1.0

AND

korenixjetnet_7628x-4f-usMatch-

Node

korenixjetnet_7628x-4f-eu_firmwareMatch1.0

AND

korenixjetnet_7628x-4f-euMatch-

Node

korenixjetnet_7714g-m12_hvdc_firmwareMatch1.0

AND

korenixjetnet_7714g-m12_hvdcMatch-

VendorProductVersionCPE
korenixjetnet_5310g-cpe:2.3:h:korenix:jetnet_5310g:-:*:*:*:*:*:*:*
korenixjetnet_5310g_firmware2.6cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:*:*:*:*:*:*:*
korenixjetnet_4508-cpe:2.3:h:korenix:jetnet_4508:-:*:*:*:*:*:*:*
korenixjetnet_4508_firmware2.3cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:*:*:*:*:*:*:*
korenixjetnet_4508i-w-cpe:2.3:h:korenix:jetnet_4508i-w:-:*:*:*:*:*:*:*
korenixjetnet_4508i-w_firmware1.3cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:*:*:*:*:*:*:*
korenixjetnet_4508-w-cpe:2.3:h:korenix:jetnet_4508-w:-:*:*:*:*:*:*:*
korenixjetnet_4508-w_firmware2.3cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:*:*:*:*:*:*:*
korenixjetnet_4508if-s-cpe:2.3:h:korenix:jetnet_4508if-s:-:*:*:*:*:*:*:*
korenixjetnet_4508if-s_firmware1.3cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
korenix	jetnet_5310g	-	cpe:2.3:h:korenix:jetnet_5310g:-:::::::*
korenix	jetnet_5310g_firmware	2.6	cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:::::::*
korenix	jetnet_4508	-	cpe:2.3:h:korenix:jetnet_4508:-:::::::*
korenix	jetnet_4508_firmware	2.3	cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:::::::*
korenix	jetnet_4508i-w	-	cpe:2.3:h:korenix:jetnet_4508i-w:-:::::::*
korenix	jetnet_4508i-w_firmware	1.3	cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:::::::*
korenix	jetnet_4508-w	-	cpe:2.3:h:korenix:jetnet_4508-w:-:::::::*
korenix	jetnet_4508-w_firmware	2.3	cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:::::::*
korenix	jetnet_4508if-s	-	cpe:2.3:h:korenix:jetnet_4508if-s:-:::::::*
korenix	jetnet_4508if-s_firmware	1.3	cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:::::::*

Rows per page:

1-10 of 861

CNA Affected

[
  {
    "defaultStatus": "affected",
    "product": "JetNet Series",
    "vendor": "Korenix",
    "versions": [
      {
        "status": "affected",
        "version": "firmware older than 2024/01"
      }
    ]
  }
]

References

packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html

seclists.org/fulldisclosure/2024/Jan/11

cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/

www.beijerelectronics.com/en/support/Help___online?docId=69947

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

AI Score

9.3

Confidence

High

EPSS

0.002

Percentile

62.1%

JSON

Related for CVE-2023-5376