Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-5376

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

Published

2024-01-09T10:15:22.823

Last Modified

2024-11-21T08:41:38.610

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 8.6 (HIGH)

Weaknesses

Type: Secondary
CWE-287
Type: Primary
CWE-287

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	korenix	jetnet_5310g_firmware	2.6	Yes
Hardware	korenix	jetnet_5310g	-	No
Operating System	korenix	jetnet_4508_firmware	2.3	Yes
Hardware	korenix	jetnet_4508	-	No
Operating System	korenix	jetnet_4508i-w_firmware	1.3	Yes
Hardware	korenix	jetnet_4508i-w	-	No
Operating System	korenix	jetnet_4508-w_firmware	2.3	Yes
Hardware	korenix	jetnet_4508-w	-	No
Operating System	korenix	jetnet_4508if-s_firmware	1.3	Yes
Hardware	korenix	jetnet_4508if-s	-	No
Operating System	korenix	jetnet_4508if-m_firmware	1.3	Yes
Hardware	korenix	jetnet_4508if-m	-	No
Operating System	korenix	jetnet_4508if-sw_firmware	1.3	Yes
Hardware	korenix	jetnet_4508if-sw	-	No
Operating System	korenix	jetnet_4508if-mw_firmware	1.3	Yes
Hardware	korenix	jetnet_4508if-mw	-	No
Operating System	korenix	jetnet_4508f-m_firmware	2.3	Yes
Hardware	korenix	jetnet_4508f-m	-	No
Operating System	korenix	jetnet_4508f-s_firmware	2.3	Yes
Hardware	korenix	jetnet_4508f-s	-	No
Operating System	korenix	jetnet_4508f-mw_firmware	2.3	Yes
Hardware	korenix	jetnet_4508f-mw	-	No
Operating System	korenix	jetnet_4508f-sw_firmware	2.3	Yes
Hardware	korenix	jetnet_4508f-sw	-	No
Operating System	korenix	jetnet_5620g-4c_firmware	1.1	Yes
Hardware	korenix	jetnet_5620g-4c	-	No
Operating System	korenix	jetnet_5612gp-4f_firmware	1.2	Yes
Hardware	korenix	jetnet_5612gp-4f	-	No
Operating System	korenix	jetnet_5612g-4f_firmware	1.2	Yes
Hardware	korenix	jetnet_5612g-4f	-	No
Operating System	korenix	jetnet_5728g-24p-ac-2dc-us_firmware	2.1	Yes
Hardware	korenix	jetnet_5728g-24p-ac-2dc-us	-	No
Operating System	korenix	jetnet_5728g-24p-ac-2dc-eu_firmware	2.1	Yes
Hardware	korenix	jetnet_5728g-24p-ac-2dc-eu	-	No
Operating System	korenix	jetnet_6528gf-2ac-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_6528gf-2ac-eu	-	No
Operating System	korenix	jetnet_6528gf-2ac-us_firmware	1.0	Yes
Hardware	korenix	jetnet_6528gf-2ac-us	-	No
Operating System	korenix	jetnet_6528gf-2dc24_firmware	1.0	Yes
Hardware	korenix	jetnet_6528gf-2dc24	-	No
Operating System	korenix	jetnet_6528gf-2dc48_firmware	1.0	Yes
Hardware	korenix	jetnet_6528gf-2dc48	-	No
Operating System	korenix	jetnet_6528gf-ac-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_6528gf-ac-eu	-	No
Operating System	korenix	jetnet_6528gf-ac-us_firmware	1.0	Yes
Hardware	korenix	jetnet_6528gf-ac-us	-	No
Operating System	korenix	jetnet_6628xp-4f-us_firmware	1.1	Yes
Hardware	korenix	jetnet_6628xp-4f-us	-	No
Operating System	korenix	jetnet_6628x-4f-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_6628x-4f-eu	-	No
Operating System	korenix	jetnet_6728g-24p-ac-2dc-us_firmware	1.1	Yes
Hardware	korenix	jetnet_6728g-24p-ac-2dc-us	-	No
Operating System	korenix	jetnet_6728g-24p-ac-2dc-eu_firmware	1.1	Yes
Hardware	korenix	jetnet_6728g-24p-ac-2dc-eu	-	No
Operating System	korenix	jetnet_6828gf-2dc48_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-2dc48	-	No
Operating System	korenix	jetnet_6828gf-2dc24_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-2dc24	-	No
Operating System	korenix	jetnet_6828gf-ac-dc24-us_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-ac-dc24-us	-	No
Operating System	korenix	jetnet_6828gf-2ac-us_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-2ac-us	-	No
Operating System	korenix	jetnet_6828gf-ac-us_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-ac-us	-	No
Operating System	korenix	jetnet_6828gf-2ac-au_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-2ac-au	-	No
Operating System	korenix	jetnet_6828gf-ac-dc24-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-ac-dc24-eu	-	No
Operating System	korenix	jetnet_6828gf-2ac-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_6828gf-2ac-eu	-	No
Operating System	korenix	jetnet_6910g-m12_hvdc_firmware	1.0	Yes
Hardware	korenix	jetnet_6910g-m12_hvdc	-	No
Operating System	korenix	jetnet_7310g-v2_firmware	1.0	Yes
Hardware	korenix	jetnet_7310g-v2	-	No
Operating System	korenix	jetnet_7628xp-4f-us_firmware	1.0	Yes
Hardware	korenix	jetnet_7628xp-4f-us	-	No
Operating System	korenix	jetnet_7628xp-4f-us_firmware	1.1	Yes
Hardware	korenix	jetnet_7628xp-4f-us	-	No
Operating System	korenix	jetnet_7628xp-4f-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_7628xp-4f-eu	-	No
Operating System	korenix	jetnet_7628xp-4f-eu_firmware	1.1	Yes
Hardware	korenix	jetnet_7628xp-4f-eu	-	No
Operating System	korenix	jetnet_7628x-4f-us_firmware	1.0	Yes
Hardware	korenix	jetnet_7628x-4f-us	-	No
Operating System	korenix	jetnet_7628x-4f-eu_firmware	1.0	Yes
Hardware	korenix	jetnet_7628x-4f-eu	-	No
Operating System	korenix	jetnet_7714g-m12_hvdc_firmware	1.0	Yes
Hardware	korenix	jetnet_7714g-m12_hvdc	-	No

References

http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html Exploit, Third Party Advisory, VDB Entry ([email protected])
http://seclists.org/fulldisclosure/2024/Jan/11 Exploit, Mailing List, Third Party Advisory ([email protected])
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/ Exploit, Third Party Advisory ([email protected])
https://www.beijerelectronics.com/en/support/Help___online?docId=69947 Vendor Advisory ([email protected])
http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2024/Jan/11 Exploit, Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/ Exploit, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.beijerelectronics.com/en/support/Help___online?docId=69947 Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)