CVE-2023-5376

Exploit

EPSS 0.35%
Published 09.01.2024 10:15:22
Last modified 21.11.2024 08:41:38
Source office@cyberdanube.com
Teams watchlist Login
Open Login

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

Affected products Warnungen 0 Metrics 3 CWE 1 References 7

Data is provided by the National Vulnerability Database (NVD)

Korenix ≫ Jetnet 5310g Firmware Version2.6

Korenix ≫ Jetnet 5310g Version-

Korenix ≫ Jetnet 4508 Firmware Version2.3

Korenix ≫ Jetnet 4508 Version-

Korenix ≫ Jetnet 4508i-w Firmware Version1.3

Korenix ≫ Jetnet 4508i-w Version-

Korenix ≫ Jetnet 4508-w Firmware Version2.3

Korenix ≫ Jetnet 4508-w Version-

Korenix ≫ Jetnet 4508if-s Firmware Version1.3

Korenix ≫ Jetnet 4508if-s Version-

Korenix ≫ Jetnet 4508if-m Firmware Version1.3

Korenix ≫ Jetnet 4508if-m Version-

Korenix ≫ Jetnet 4508if-sw Firmware Version1.3

Korenix ≫ Jetnet 4508if-sw Version-

Korenix ≫ Jetnet 4508if-mw Firmware Version1.3

Korenix ≫ Jetnet 4508if-mw Version-

Korenix ≫ Jetnet 4508f-m Firmware Version2.3

Korenix ≫ Jetnet 4508f-m Version-

Korenix ≫ Jetnet 4508f-s Firmware Version2.3

Korenix ≫ Jetnet 4508f-s Version-

Korenix ≫ Jetnet 4508f-mw Firmware Version2.3

Korenix ≫ Jetnet 4508f-mw Version-

Korenix ≫ Jetnet 4508f-sw Firmware Version2.3

Korenix ≫ Jetnet 4508f-sw Version-

Korenix ≫ Jetnet 5620g-4c Firmware Version1.1

Korenix ≫ Jetnet 5620g-4c Version-

Korenix ≫ Jetnet 5612gp-4f Firmware Version1.2

Korenix ≫ Jetnet 5612gp-4f Version-

Korenix ≫ Jetnet 5612g-4f Firmware Version1.2

Korenix ≫ Jetnet 5612g-4f Version-

Korenix ≫ Jetnet 5728g-24p-ac-2dc-us Firmware Version2.1

Korenix ≫ Jetnet 5728g-24p-ac-2dc-us Version-

Korenix ≫ Jetnet 5728g-24p-ac-2dc-eu Firmware Version2.1

Korenix ≫ Jetnet 5728g-24p-ac-2dc-eu Version-

Korenix ≫ Jetnet 6528gf-2ac-eu Firmware Version1.0

Korenix ≫ Jetnet 6528gf-2ac-eu Version-

Korenix ≫ Jetnet 6528gf-2ac-us Firmware Version1.0

Korenix ≫ Jetnet 6528gf-2ac-us Version-

Korenix ≫ Jetnet 6528gf-2dc24 Firmware Version1.0

Korenix ≫ Jetnet 6528gf-2dc24 Version-

Korenix ≫ Jetnet 6528gf-2dc48 Firmware Version1.0

Korenix ≫ Jetnet 6528gf-2dc48 Version-

Korenix ≫ Jetnet 6528gf-ac-eu Firmware Version1.0

Korenix ≫ Jetnet 6528gf-ac-eu Version-

Korenix ≫ Jetnet 6528gf-ac-us Firmware Version1.0

Korenix ≫ Jetnet 6528gf-ac-us Version-

Korenix ≫ Jetnet 6628xp-4f-us Firmware Version1.1

Korenix ≫ Jetnet 6628xp-4f-us Version-

Korenix ≫ Jetnet 6628x-4f-eu Firmware Version1.0

Korenix ≫ Jetnet 6628x-4f-eu Version-

Korenix ≫ Jetnet 6728g-24p-ac-2dc-us Firmware Version1.1

Korenix ≫ Jetnet 6728g-24p-ac-2dc-us Version-

Korenix ≫ Jetnet 6728g-24p-ac-2dc-eu Firmware Version1.1

Korenix ≫ Jetnet 6728g-24p-ac-2dc-eu Version-

Korenix ≫ Jetnet 6828gf-2dc48 Firmware Version1.0

Korenix ≫ Jetnet 6828gf-2dc48 Version-

Korenix ≫ Jetnet 6828gf-2dc24 Firmware Version1.0

Korenix ≫ Jetnet 6828gf-2dc24 Version-

Korenix ≫ Jetnet 6828gf-ac-dc24-us Firmware Version1.0

Korenix ≫ Jetnet 6828gf-ac-dc24-us Version-

Korenix ≫ Jetnet 6828gf-2ac-us Firmware Version1.0

Korenix ≫ Jetnet 6828gf-2ac-us Version-

Korenix ≫ Jetnet 6828gf-ac-us Firmware Version1.0

Korenix ≫ Jetnet 6828gf-ac-us Version-

Korenix ≫ Jetnet 6828gf-2ac-au Firmware Version1.0

Korenix ≫ Jetnet 6828gf-2ac-au Version-

Korenix ≫ Jetnet 6828gf-ac-dc24-eu Firmware Version1.0

Korenix ≫ Jetnet 6828gf-ac-dc24-eu Version-

Korenix ≫ Jetnet 6828gf-2ac-eu Firmware Version1.0

Korenix ≫ Jetnet 6828gf-2ac-eu Version-

Korenix ≫ Jetnet 6910g-m12 Hvdc Firmware Version1.0

Korenix ≫ Jetnet 6910g-m12 Hvdc Version-

Korenix ≫ Jetnet 7310g-v2 Firmware Version1.0

Korenix ≫ Jetnet 7310g-v2 Version-

Korenix ≫ Jetnet 7628xp-4f-us Firmware Version1.0

Korenix ≫ Jetnet 7628xp-4f-us Version-

Korenix ≫ Jetnet 7628xp-4f-us Firmware Version1.1

Korenix ≫ Jetnet 7628xp-4f-us Version-

Korenix ≫ Jetnet 7628xp-4f-eu Firmware Version1.0

Korenix ≫ Jetnet 7628xp-4f-eu Version-

Korenix ≫ Jetnet 7628xp-4f-eu Firmware Version1.1

Korenix ≫ Jetnet 7628xp-4f-eu Version-

Korenix ≫ Jetnet 7628x-4f-us Firmware Version1.0

Korenix ≫ Jetnet 7628x-4f-us Version-

Korenix ≫ Jetnet 7628x-4f-eu Firmware Version1.0

Korenix ≫ Jetnet 7628x-4f-eu Version-

Korenix ≫ Jetnet 7714g-m12 Hvdc Firmware Version1.0

Korenix ≫ Jetnet 7714g-m12 Hvdc Version-

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Type	Source	Score	Percentile
EPSS	FIRST.org	0.35%	0.561

CVSS Metriken
Source	Base Score	Exploit Score	Impact Score	Vector string
nvd@nist.gov	9.1	3.9	5.2	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
office@cyberdanube.com	8.6	3.9	4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CWE-287 Improper Authentication

When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.

http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html

Third Party Advisory

Exploit

VDB Entry

http://seclists.org/fulldisclosure/2024/Jan/11

Third Party Advisory

Exploit

Mailing List

https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/

Third Party Advisory

Exploit

https://www.beijerelectronics.com/en/support/Help___online?docId=69947

Vendor Advisory

https://nvd.nist.gov/vuln/detail/CVE-2023-5376

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2023-5376

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2023-5376

EUVD