Lucene search
K

Korenix JetNet Improper Authentication (CVE-2023-5376)

🗓️ 16 Jan 2026 00:00:00Reported by TenableType 
nessus
 nessus
🔗 www.tenable.com👁 4 Views

Improper authentication in Korenix JetNet TFTP allows abuse on devices older than firmware 2024 January.

Related
Refs
Code
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(504963);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2026/02/06");

  script_cve_id("CVE-2023-5376");

  script_name(english:"Korenix JetNet Improper Authentication (CVE-2023-5376)");

  script_set_attribute(attribute:"synopsis", value:
"The remote OT asset is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"An Improper Authentication vulnerability in Korenix JetNet TFTP allows
abuse of this service. This issue affects JetNet devices older than
firmware version 2024/01.

This plugin only works with Tenable.ot.
Please visit https://www.tenable.com/products/tenable-ot for more information.");
  # http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?410e2a88");
  script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2024/Jan/11");
  # https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0f8ef61f");
  script_set_attribute(attribute:"see_also", value:"https://www.beijerelectronics.com/en/support/Help___online?docId=69947");
  # http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?410e2a88");
  script_set_attribute(attribute:"see_also", value:"http://seclists.org/fulldisclosure/2024/Jan/11");
  # https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/
  script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0f8ef61f");
  script_set_attribute(attribute:"see_also", value:"https://www.beijerelectronics.com/en/support/Help___online?docId=69947");
  script_set_attribute(attribute:"solution", value:
"Refer to the vendor advisory.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2023-5376");

  script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"true");
  script_cwe_id(287, 306);

  script_set_attribute(attribute:"vuln_publication_date", value:"2024/01/09");
  script_set_attribute(attribute:"patch_publication_date", value:"2024/01/09");
  script_set_attribute(attribute:"plugin_publication_date", value:"2026/01/16");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508-w_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-m_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-mw_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-s_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508f-sw_firmware:2.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508i-w_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-m_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-mw_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-s_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_4508if-sw_firmware:1.3");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5310g_firmware:2.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5612g-4f_firmware:1.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5612gp-4f_firmware:1.2");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5620g-4c_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2dc24_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-2dc48_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-ac-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6528gf-ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6628x-4f-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6628xp-4f-us_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2ac-au_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2dc24_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-2dc48_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6828gf-ac-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7310g-v2_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628x-4f-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628x-4f-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.0");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0");
  script_set_attribute(attribute:"generated_plugin", value:"former");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Tenable.ot");

  script_copyright(english:"This script is Copyright (C) 2026 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("tenable_ot_api_integration.nasl");
  script_require_keys("Tenable.ot/Korenix");

  exit(0);
}


include('tenable_ot_cve_funcs.inc');

get_kb_item_or_exit('Tenable.ot/Korenix');

var asset = tenable_ot::assets::get(vendor:'Korenix');

var vuln_cpes = {
    "cpe:/o:korenix:jetnet_5310g_firmware:2.6" :
        {"versionEndIncluding" : "2.6", "versionStartIncluding" : "2.6", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508i-w_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508-w_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-s_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-m_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-sw_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508if-mw_firmware:1.3" :
        {"versionEndIncluding" : "1.3", "versionStartIncluding" : "1.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-m_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-s_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-mw_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_4508f-sw_firmware:2.3" :
        {"versionEndIncluding" : "2.3", "versionStartIncluding" : "2.3", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5620g-4c_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5612gp-4f_firmware:1.2" :
        {"versionEndIncluding" : "1.2", "versionStartIncluding" : "1.2", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5612g-4f_firmware:1.2" :
        {"versionEndIncluding" : "1.2", "versionStartIncluding" : "1.2", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1" :
        {"versionEndIncluding" : "2.1", "versionStartIncluding" : "2.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1" :
        {"versionEndIncluding" : "2.1", "versionStartIncluding" : "2.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2dc24_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-2dc48_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-ac-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6528gf-ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6628xp-4f-us_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6628x-4f-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-us_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6728g-24p-ac-2dc-eu_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2dc48_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2dc24_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-ac-dc24-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-ac-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2ac-au_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-ac-dc24-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6828gf-2ac-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_6910g-m12_hvdc_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7310g-v2_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-us_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628xp-4f-eu_firmware:1.1" :
        {"versionEndIncluding" : "1.1", "versionStartIncluding" : "1.1", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628x-4f-us_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7628x-4f-eu_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"},
    "cpe:/o:korenix:jetnet_7714g-m12_hvdc_firmware:1.0" :
        {"versionEndIncluding" : "1.0", "versionStartIncluding" : "1.0", "family" : "JetNet"}
};

tenable_ot::cve::compare_and_report(asset:asset, cpes:vuln_cpes, severity:SECURITY_HOLE);

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

06 Feb 2026 00:00Current
8.3High risk
Vulners AI Score8.3
CVSS 3.18.6 - 9.1
EPSS0.01414
SSVC
4