Lucene search

Jetwave 3420 V3 Firmware Security Vulnerabilities

cve

CVE-2023-23294

Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root.

8.8CVSS

8.9AI Score

0.001EPSS

2023-02-23 11:15 PM

cve

CVE-2023-23295

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.

8.8CVSS

9AI Score

0.001EPSS

2023-02-23 11:15 PM

cve

CVE-2023-23296

Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.

6.5CVSS

6.4AI Score

0.001EPSS

2023-02-23 11:15 PM