Korenix Jetwave_2212g_firmware

7 CVEs affecting Korenix Jetwave_2212g_firmware. Latest disclosed: 2023-02-23. Critical: 2, High: 4.

Top CVEs affecting Korenix Jetwave_2212g_firmware
CVESeverityScorePublishedSummary
CVE-2020-12504Critical9.82020-10-15Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES85…
CVE-2020-12501Critical9.82020-10-15Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES85…
CVE-2023-23295High8.82023-02-23Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd pa…
CVE-2023-23294High8.82023-02-23Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute…
CVE-2021-39280High8.82022-02-06Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9…
CVE-2020-12503High7.22020-10-15Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES85…
CVE-2023-23296Medium6.52023-02-23Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.