ГлавнаяУязвимости → CVE-2023-5376
8.6высокая

CVE-2023-5376

Описание

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

Затрагиваемое ПО
Korenix Jetnet 5310g firmwareKorenix Jetnet 5310gKorenix Jetnet 4508 firmwareKorenix Jetnet 4508Korenix Jetnet 4508i-w firmwareKorenix Jetnet 4508i-wKorenix Jetnet 4508-w firmwareKorenix Jetnet 4508-wKorenix Jetnet 4508if-s firmwareKorenix Jetnet 4508if-sKorenix Jetnet 4508if-m firmwareKorenix Jetnet 4508if-mKorenix Jetnet 4508if-sw firmwareKorenix Jetnet 4508if-swKorenix Jetnet 4508if-mw firmwareKorenix Jetnet 4508if-mwKorenix Jetnet 4508f-m firmwareKorenix Jetnet 4508f-mKorenix Jetnet 4508f-s firmwareKorenix Jetnet 4508f-sKorenix Jetnet 4508f-mw firmwareKorenix Jetnet 4508f-mwKorenix Jetnet 4508f-sw firmwareKorenix Jetnet 4508f-swKorenix Jetnet 5620g-4c firmware
CVSS
Балл8.6 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
Источники
http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.htmlhttp://seclists.org/fulldisclosure/2024/Jan/11https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/https://www.beijerelectronics.com/en/support/Help___online?docId=69947http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.htmlhttp://seclists.org/fulldisclosure/2024/Jan/11https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/https://www.beijerelectronics.com/en/support/Help___online?docId=69947