Korenix Jetwave_2212s
7 CVEs affecting Korenix Jetwave_2212s. Latest disclosed: 2023-02-23. Critical: 2, High: 4.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-12504 | Critical | 9.8 | 2020-10-15 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES85… |
CVE-2020-12501 | Critical | 9.8 | 2020-10-15 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES85… |
CVE-2023-23295 | High | 8.8 | 2023-02-23 | Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd pa… |
CVE-2023-23294 | High | 8.8 | 2023-02-23 | Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute… |
CVE-2021-39280 | High | 8.8 | 2022-02-06 | Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before 1.9.1, 2212S before 1.9… |
CVE-2020-12503 | High | 7.2 | 2020-10-15 | Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES85… |
CVE-2023-23296 | Medium | 6.5 | 2023-02-23 | Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault. |