CVE-2023-5376 - NVD | ByteOS Network

NVD Vulnerability Details :

CVE-2023-5376

Analyzed

More Info Official Page

Source-office@cyberdanube.com

Published At-09 Jan, 2024 | 10:15

Updated At-17 Jan, 2024 | 17:46

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

Metrics

Type	Version	Base score	Base severity	Vector
Primary	3.1	9.1	CRITICAL	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Secondary	3.1	8.6	HIGH	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CPE Matches

korenix>>jetnet_5310g>>-

cpe:2.3:h:korenix:jetnet_5310g:-:*:*:*:*:*:*:*

korenix>>jetnet_5310g_firmware>>2.6

cpe:2.3:o:korenix:jetnet_5310g_firmware:2.6:*:*:*:*:*:*:*

korenix>>jetnet_4508>>-

cpe:2.3:h:korenix:jetnet_4508:-:*:*:*:*:*:*:*

korenix>>jetnet_4508_firmware>>2.3

cpe:2.3:o:korenix:jetnet_4508_firmware:2.3:*:*:*:*:*:*:*

korenix>>jetnet_4508i-w>>-

cpe:2.3:h:korenix:jetnet_4508i-w:-:*:*:*:*:*:*:*

korenix>>jetnet_4508i-w_firmware>>1.3

cpe:2.3:o:korenix:jetnet_4508i-w_firmware:1.3:*:*:*:*:*:*:*

korenix>>jetnet_4508-w>>-

cpe:2.3:h:korenix:jetnet_4508-w:-:*:*:*:*:*:*:*

korenix>>jetnet_4508-w_firmware>>2.3

cpe:2.3:o:korenix:jetnet_4508-w_firmware:2.3:*:*:*:*:*:*:*

korenix>>jetnet_4508if-s>>-

cpe:2.3:h:korenix:jetnet_4508if-s:-:*:*:*:*:*:*:*

korenix>>jetnet_4508if-s_firmware>>1.3

cpe:2.3:o:korenix:jetnet_4508if-s_firmware:1.3:*:*:*:*:*:*:*

korenix>>jetnet_4508if-m>>-

cpe:2.3:h:korenix:jetnet_4508if-m:-:*:*:*:*:*:*:*

korenix>>jetnet_4508if-m_firmware>>1.3

cpe:2.3:o:korenix:jetnet_4508if-m_firmware:1.3:*:*:*:*:*:*:*

korenix>>jetnet_4508if-sw>>-

cpe:2.3:h:korenix:jetnet_4508if-sw:-:*:*:*:*:*:*:*

korenix>>jetnet_4508if-sw_firmware>>1.3

cpe:2.3:o:korenix:jetnet_4508if-sw_firmware:1.3:*:*:*:*:*:*:*

korenix>>jetnet_4508if-mw>>-

cpe:2.3:h:korenix:jetnet_4508if-mw:-:*:*:*:*:*:*:*

korenix>>jetnet_4508if-mw_firmware>>1.3

cpe:2.3:o:korenix:jetnet_4508if-mw_firmware:1.3:*:*:*:*:*:*:*

korenix>>jetnet_4508f-m_firmware>>2.3

cpe:2.3:o:korenix:jetnet_4508f-m_firmware:2.3:*:*:*:*:*:*:*

korenix>>jetnet_4508f-m>>-

cpe:2.3:h:korenix:jetnet_4508f-m:-:*:*:*:*:*:*:*

korenix>>jetnet_4508f-s_firmware>>2.3

cpe:2.3:o:korenix:jetnet_4508f-s_firmware:2.3:*:*:*:*:*:*:*

korenix>>jetnet_4508f-s>>-

cpe:2.3:h:korenix:jetnet_4508f-s:-:*:*:*:*:*:*:*

korenix>>jetnet_4508f-mw_firmware>>2.3

cpe:2.3:o:korenix:jetnet_4508f-mw_firmware:2.3:*:*:*:*:*:*:*

korenix>>jetnet_4508f-mw>>-

cpe:2.3:h:korenix:jetnet_4508f-mw:-:*:*:*:*:*:*:*

korenix>>jetnet_4508f-sw_firmware>>2.3

cpe:2.3:o:korenix:jetnet_4508f-sw_firmware:2.3:*:*:*:*:*:*:*

korenix>>jetnet_4508f-sw>>-

cpe:2.3:h:korenix:jetnet_4508f-sw:-:*:*:*:*:*:*:*

korenix>>jetnet_5620g-4c_firmware>>1.1

cpe:2.3:o:korenix:jetnet_5620g-4c_firmware:1.1:*:*:*:*:*:*:*

korenix>>jetnet_5620g-4c>>-

cpe:2.3:h:korenix:jetnet_5620g-4c:-:*:*:*:*:*:*:*

korenix>>jetnet_5612gp-4f_firmware>>1.2

cpe:2.3:o:korenix:jetnet_5612gp-4f_firmware:1.2:*:*:*:*:*:*:*

korenix>>jetnet_5612gp-4f>>-

cpe:2.3:h:korenix:jetnet_5612gp-4f:-:*:*:*:*:*:*:*

korenix>>jetnet_5612g-4f_firmware>>1.2

cpe:2.3:o:korenix:jetnet_5612g-4f_firmware:1.2:*:*:*:*:*:*:*

korenix>>jetnet_5612g-4f>>-

cpe:2.3:h:korenix:jetnet_5612g-4f:-:*:*:*:*:*:*:*

korenix>>jetnet_5728g-24p-ac-2dc-us_firmware>>2.1

cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-us_firmware:2.1:*:*:*:*:*:*:*

korenix>>jetnet_5728g-24p-ac-2dc-us>>-

cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-us:-:*:*:*:*:*:*:*

korenix>>jetnet_5728g-24p-ac-2dc-eu_firmware>>2.1

cpe:2.3:o:korenix:jetnet_5728g-24p-ac-2dc-eu_firmware:2.1:*:*:*:*:*:*:*

korenix>>jetnet_5728g-24p-ac-2dc-eu>>-

cpe:2.3:h:korenix:jetnet_5728g-24p-ac-2dc-eu:-:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2ac-eu_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6528gf-2ac-eu_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2ac-eu>>-

cpe:2.3:h:korenix:jetnet_6528gf-2ac-eu:-:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2ac-us_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6528gf-2ac-us_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2ac-us>>-

cpe:2.3:h:korenix:jetnet_6528gf-2ac-us:-:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2dc24_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6528gf-2dc24_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2dc24>>-

cpe:2.3:h:korenix:jetnet_6528gf-2dc24:-:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2dc48_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6528gf-2dc48_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-2dc48>>-

cpe:2.3:h:korenix:jetnet_6528gf-2dc48:-:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-ac-eu_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6528gf-ac-eu_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-ac-eu>>-

cpe:2.3:h:korenix:jetnet_6528gf-ac-eu:-:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-ac-us_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6528gf-ac-us_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6528gf-ac-us>>-

cpe:2.3:h:korenix:jetnet_6528gf-ac-us:-:*:*:*:*:*:*:*

korenix>>jetnet_6628xp-4f-us_firmware>>1.1

cpe:2.3:o:korenix:jetnet_6628xp-4f-us_firmware:1.1:*:*:*:*:*:*:*

korenix>>jetnet_6628xp-4f-us>>-

cpe:2.3:h:korenix:jetnet_6628xp-4f-us:-:*:*:*:*:*:*:*

korenix>>jetnet_6628x-4f-eu_firmware>>1.0

cpe:2.3:o:korenix:jetnet_6628x-4f-eu_firmware:1.0:*:*:*:*:*:*:*

korenix>>jetnet_6628x-4f-eu>>-

cpe:2.3:h:korenix:jetnet_6628x-4f-eu:-:*:*:*:*:*:*:*

Weaknesses

CWE ID	Type	Source
CWE-287	Primary	nvd@nist.gov
CWE-287	Secondary	office@cyberdanube.com

References

Hyperlink	Source	Resource
http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html	office@cyberdanube.com	Exploit Third Party Advisory VDB Entry
http://seclists.org/fulldisclosure/2024/Jan/11	office@cyberdanube.com	Exploit Mailing List Third Party Advisory
https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/	office@cyberdanube.com	Exploit Third Party Advisory
https://www.beijerelectronics.com/en/support/Help___online?docId=69947	office@cyberdanube.com	Vendor Advisory