Refine your search
12 vulnerabilities found for by Korenix
CVE-2024-11303 (GCVE-0-2024-11303)
Vulnerability from cvelistv5
Published
2024-11-18 13:24
Modified
2024-11-21 22:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-22 - Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Summary
The pathname of the root directory to a Restricted Directory ('Path Traversal') vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601: through 1.2.
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetPort 5601 |
Version: 0 < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:korenix:jetport_5601:-:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetport_5601",
"vendor": "korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-11303",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-18T14:13:56.722950Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T14:15:31.302Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-11-21T22:02:46.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Nov/8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JetPort 5601",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "P. Oberndorfer"
},
{
"lang": "en",
"type": "finder",
"value": "B. T\u00f6sch"
},
{
"lang": "en",
"type": "finder",
"value": "M. Narbeshuber-Spletzer"
},
{
"lang": "en",
"type": "finder",
"value": "C. Hierzer"
},
{
"lang": "en",
"type": "finder",
"value": "M. Pammer"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "The pathname of the root directory to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Korenix JetPort 5601 allows Path Traversal.\u003cp\u003eThis issue affects JetPort 5601: through 1.2.\u003c/p\u003e"
}
],
"value": "The pathname of the root directory to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability in Korenix JetPort 5601 allows Path Traversal.This issue affects JetPort 5601: through 1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-126",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-126 Path Traversal"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-11-18T14:33:59.788Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"tags": [
"third-party-advisory",
"exploit"
],
"url": "https://cyberdanube.com/en/en-st-polten-uas-path-traversal-in-korenix-jetport/"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Path Traversal",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2024-11303",
"datePublished": "2024-11-18T13:24:37.376Z",
"dateReserved": "2024-11-17T17:08:21.075Z",
"dateUpdated": "2024-11-21T22:02:46.052Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7397 (GCVE-0-2024-7397)
Vulnerability from cvelistv5
Published
2024-08-05 13:25
Modified
2025-11-04 16:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')
Summary
Improper filering of special characters result in a command ('command injection') vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetPort 5601v3 |
Version: 0 < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:korenix:jetport5601v3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetport5601v3",
"vendor": "korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7397",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-05T14:15:49.858700Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T14:26:13.585Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:15:55.337Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JetPort 5601v3",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "S. Dietz (CyberDanube)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper filering of special characters result in a command (\u0027command injection\u0027) vulnerability in Korenix JetPort 5601v3.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
}
],
"value": "Improper filering of special characters result in a command (\u0027command injection\u0027) vulnerability in Korenix JetPort 5601v3.This issue affects JetPort 5601v3: through 1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-88",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-88 OS Command Injection"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:25:43.610Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unauthenticated Command Injection",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2024-7397",
"datePublished": "2024-08-05T13:25:43.610Z",
"dateReserved": "2024-08-01T21:46:36.711Z",
"dateUpdated": "2025-11-04T16:15:55.337Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7396 (GCVE-0-2024-7396)
Vulnerability from cvelistv5
Published
2024-08-05 13:20
Modified
2025-11-04 16:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-311 - Missing Encryption of Sensitive Data
Summary
Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue affects JetPort 5601v3: through 1.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetPort 5601v3 |
Version: 0 < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:o:korenix:jetport_5601v3:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetport_5601v3",
"vendor": "korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7396",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-03T15:32:31.559672Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-03T15:36:02.184Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:15:54.405Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JetPort 5601v3",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "S. Dietz (CyberDanube)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
}
],
"value": "Missing encryption of sensitive data in Korenix JetPort 5601v3 allows Eavesdropping.This issue affects JetPort 5601v3: through 1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-651",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-651 Eavesdropping"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "PASSIVE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "NONE",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-311",
"description": "CWE-311 Missing Encryption of Sensitive Data",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:20:57.997Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Plaintext Communication",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2024-7396",
"datePublished": "2024-08-05T13:20:57.997Z",
"dateReserved": "2024-08-01T21:46:35.555Z",
"dateUpdated": "2025-11-04T16:15:54.405Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-7395 (GCVE-0-2024-7395)
Vulnerability from cvelistv5
Published
2024-08-05 13:16
Modified
2025-11-04 16:15
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-287 - Improper Authentication
Summary
An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetPort 5601v3 |
Version: 0 < |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:h:korenix:jetport_5601:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "jetport_5601",
"vendor": "korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7395",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-07T20:31:11.620358Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-07T20:35:18.123Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2025-11-04T16:15:53.452Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"url": "http://seclists.org/fulldisclosure/2024/Aug/2"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JetPort 5601v3",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "1.2",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "S. Dietz (CyberDanube)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.\u003cp\u003eThis issue affects JetPort 5601v3: through 1.2.\u003c/p\u003e"
}
],
"value": "An authentication bypass vulnerability in Korenix JetPort 5601v3 allows an attacker to access functionality on the device without specifying a password.This issue affects JetPort 5601v3: through 1.2."
}
],
"impacts": [
{
"capecId": "CAPEC-115",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-115 Authentication Bypass"
}
]
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-287",
"description": "CWE-287 Improper Authentication",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-05T13:16:05.964Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://cyberdanube.com/de/en-multiple-vulnerabilities-in-korenix-jetport/"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Insufficient Authentication",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2024-7395",
"datePublished": "2024-08-05T13:16:05.964Z",
"dateReserved": "2024-08-01T21:46:34.268Z",
"dateUpdated": "2025-11-04T16:15:53.452Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-2371 (GCVE-0-2024-2371)
Vulnerability from cvelistv5
Published
2024-03-12 08:49
Modified
2024-08-01 19:11
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor
Summary
Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetI/O 6550 |
Version: F208 Build:0817 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-2371",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-03-12T16:16:54.722620Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:30:00.407Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T19:11:53.396Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/information-exposure-vulnerability-korenix-jetio-6550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "JetI/O 6550",
"vendor": "Korenix",
"versions": [
{
"status": "affected",
"version": "F208 Build:0817"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "HADESS"
}
],
"datePublic": "2024-03-12T11:00:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials."
}
],
"value": "Information exposure vulnerability in Korenix JetI/O 6550 affecting firmware version F208 Build:0817. The SNMP protocol uses plaintext to transfer data, allowing an attacker to intercept traffic and retrieve credentials."
}
],
"impacts": [
{
"capecId": "CAPEC-59",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-59 Session Credential Falsification through Prediction"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-200",
"description": "CWE-200 Exposure of Sensitive Information to an Unauthorized Actor",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-12T08:49:46.017Z",
"orgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"shortName": "INCIBE"
},
"references": [
{
"url": "https://www.incibe.es/en/incibe-cert/notices/aviso-sci/information-exposure-vulnerability-korenix-jetio-6550"
}
],
"solutions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "There is no reported solution at this time."
}
],
"value": "There is no reported solution at this time."
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Information exposure vulnerability in Korenix JetI/O 6550",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "0cbda920-cd7f-484a-8e76-bf7f4b7f4516",
"assignerShortName": "INCIBE",
"cveId": "CVE-2024-2371",
"datePublished": "2024-03-12T08:49:46.017Z",
"dateReserved": "2024-03-11T11:40:18.291Z",
"dateUpdated": "2024-08-01T19:11:53.396Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5347 (GCVE-0-2023-5347)
Vulnerability from cvelistv5
Published
2024-01-09 09:54
Modified
2025-10-08 09:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
Summary
An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables. This issue affects JetNet devices older than firmware version 2024/01.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetNet Series |
Version: firmware older than 2024/01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:52:08.584Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"tags": [
"x_transferred"
],
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5347",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T15:33:17.516940Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-06-03T14:33:02.608Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "JetNet Series",
"vendor": "Korenix",
"versions": [
{
"status": "affected",
"version": "firmware older than 2024/01"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "S. Dietz (CyberDanube)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
}
],
"value": "An Improper Verification of Cryptographic Signature vulnerability in the update process of Korenix JetNet Series allows replacing the whole operating system including Trusted Executables.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
}
],
"impacts": [
{
"capecId": "CAPEC-558",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-558 Replace Trusted Executable"
}
]
},
{
"capecId": "CAPEC-552",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-552 Install Rootkit"
}
]
},
{
"capecId": "CAPEC-642",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-642 Replace Binaries"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "CWE-347 Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-327",
"description": "CWE-327 Use of a Broken or Risky Cryptographic Algorithm",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T09:10:00.840Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Unauthenticated Firmware Upgrade",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e"
}
],
"value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2023-5347",
"datePublished": "2024-01-09T09:54:59.664Z",
"dateReserved": "2023-10-03T08:11:00.343Z",
"dateUpdated": "2025-10-08T09:10:00.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-5376 (GCVE-0-2023-5376)
Vulnerability from cvelistv5
Published
2024-01-09 09:44
Modified
2025-10-08 09:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.
References
| URL | Tags | |
|---|---|---|
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Korenix | JetNet Series |
Version: firmware older than 2024/01 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T07:59:44.243Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"tags": [
"x_transferred"
],
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"tags": [
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"tags": [
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5376",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-11-14T15:27:48.719387Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-11-14T15:28:15.974Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "affected",
"product": "JetNet Series",
"vendor": "Korenix",
"versions": [
{
"status": "affected",
"version": "firmware older than 2024/01"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "S. Dietz (CyberDanube)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service.\u0026nbsp;\u003cspan style=\"background-color: var(--wht);\"\u003eThis issue affects JetNet devices older than firmware version 2024/01.\u003c/span\u003e"
}
],
"value": "An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service.\u00a0This issue affects JetNet devices older than firmware version 2024/01."
}
],
"impacts": [
{
"capecId": "CAPEC-114",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-114 Authentication Abuse"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-08T09:12:42.388Z",
"orgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"shortName": "CyberDanube"
},
"references": [
{
"url": "https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
},
{
"url": "https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetnet-series/"
},
{
"url": "http://seclists.org/fulldisclosure/2024/Jan/11"
},
{
"url": "http://packetstormsecurity.com/files/176550/Korenix-JetNet-Series-Unauthenticated-Access.html"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "TFTP Without Authentication",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "See:\u0026nbsp;\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.beijerelectronics.com/en/support/Help___online?docId=69947\"\u003ehttps://www.beijerelectronics.com/en/support/Help___online?docId=69947\u003c/a\u003e\u003cbr\u003e"
}
],
"value": "See:\u00a0 https://www.beijerelectronics.com/en/support/Help___online?docId=69947"
}
],
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "7d092a75-6bbd-48c6-a15a-0297458009bc",
"assignerShortName": "CyberDanube",
"cveId": "CVE-2023-5376",
"datePublished": "2024-01-09T09:44:18.108Z",
"dateReserved": "2023-10-04T09:30:19.108Z",
"dateUpdated": "2025-10-08T09:12:42.388Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12504 (GCVE-0-2020-12504)
Vulnerability from cvelistv5
Published
2020-10-15 18:42
Modified
2024-09-16 17:09
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-912 - Hidden Functionality
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Version: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all Version: ES7510-XT < 2.1.1 Version: ES8510 < 3.1.1 |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.052Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-8RJ45/4SFP-G-DIN",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-16RJ45/4CP-G-DIN",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-912",
"description": "CWE-912 Hidden Functionality",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:15.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12504",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
"version_value": "1.2.3"
},
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-16RJ45/4CP-G-DIN",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below has an active TFTP-Service."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-912 Hidden Functionality"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "For ICRL-M-8RJ45/4SFP-G-DIN and ICRL-M-16RJ45/4CP-G-DIN:\nUpdate to Firmware 1.3.1 and deactivate TFTP-Service.\n\nFor all other devices:\nAn external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12504",
"datePublished": "2020-10-15T18:42:59.041Z",
"dateReserved": "2020-04-30T00:00:00.000Z",
"dateUpdated": "2024-09-16T17:09:09.147Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12503 (GCVE-0-2020-12503)
Vulnerability from cvelistv5
Published
2020-10-15 18:42
Modified
2024-09-17 04:24
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Version: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all Version: ES7510-XT < 2.1.1 Version: ES8510 < 3.1.1 |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.086Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-8RJ45/4SFP-G-DIN",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-16RJ45/4CP-G-DIN",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:09.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12503",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
"version_value": "1.2.3"
},
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-16RJ45/4CP-G-DIN",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to multiple authenticated command injections."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-863 Incorrect Authorization"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12503",
"datePublished": "2020-10-15T18:42:58.016Z",
"dateReserved": "2020-04-30T00:00:00.000Z",
"dateUpdated": "2024-09-17T04:24:41.310Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12502 (GCVE-0-2020-12502)
Vulnerability from cvelistv5
Published
2020-10-15 18:42
Modified
2024-09-16 18:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-352 - Cross-Site Request Forgery (CSRF)
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration.
References
| URL | Tags | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Version: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all Version: ES7510-XT < 2.1.1 Version: ES8510 < 3.1.1 |
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.083Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-8RJ45/4SFP-G-DIN",
"versionType": "custom"
},
{
"lessThanOrEqual": "1.2.3",
"status": "affected",
"version": "ICRL-M-16RJ45/4CP-G-DIN",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-352",
"description": "CWE-352 Cross-Site Request Forgery (CSRF)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:11.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12502",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
},
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-8RJ45/4SFP-G-DIN",
"version_value": "1.2.3"
},
{
"version_affected": "\u003c=",
"version_name": "ICRL-M-16RJ45/4CP-G-DIN",
"version_value": "1.2.3"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) and ICRL-M-8RJ45/4SFP-G-DIN, ICRL-M-16RJ45/4CP-G-DIN FW 1.2.3 and below is prone to unauthenticated device administration."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-352 Cross-Site Request Forgery (CSRF)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "https://cert.vde.com/en-us/advisories/vde-2020-053",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/en-us/advisories/vde-2020-053"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12502",
"datePublished": "2020-10-15T18:42:57.229Z",
"dateReserved": "2020-04-30T00:00:00.000Z",
"dateUpdated": "2024-09-16T18:43:33.813Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12501 (GCVE-0-2020-12501)
Vulnerability from cvelistv5
Published
2020-10-15 18:42
Modified
2024-09-16 19:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-798 - Use of Hard-coded Credentials
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts.
References
| URL | Tags | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Version: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all Version: ES7510-XT < 2.1.1 Version: ES8510 < 3.1.1 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.091Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
},
{
"name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/3"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-798",
"description": "CWE-798 Use of Hard-coded Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-06-06T16:06:23.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
},
{
"name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2022/Jun/3"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12501",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) use undocumented accounts."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
},
{
"name": "20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2022/Jun/3"
},
{
"name": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/167409/Korenix-JetPort-5601V3-Backdoor-Account.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12501",
"datePublished": "2020-10-15T18:42:56.306Z",
"dateReserved": "2020-04-30T00:00:00.000Z",
"dateUpdated": "2024-09-16T19:20:40.911Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-12500 (GCVE-0-2020-12500)
Vulnerability from cvelistv5
Published
2020-10-15 18:42
Modified
2024-09-17 01:10
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-306 - Missing Authentication for Critical Function
Summary
Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration.
References
| URL | Tags | |
|---|---|---|
|
|
||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Pepperl+Fuchs | P+F Comtrol RocketLinx |
Version: ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all Version: ES7510-XT < 2.1.1 Version: ES8510 < 3.1.1 |
||||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T11:56:52.048Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "P+F Comtrol RocketLinx",
"vendor": "Pepperl+Fuchs",
"versions": [
{
"status": "affected",
"version": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT all"
},
{
"lessThan": "2.1.1",
"status": "affected",
"version": "ES7510-XT",
"versionType": "custom"
},
{
"lessThan": "3.1.1",
"status": "affected",
"version": "ES8510",
"versionType": "custom"
}
]
},
{
"product": "JetNet",
"vendor": "Korenix",
"versions": [
{
"lessThanOrEqual": "V1.0",
"status": "affected",
"version": "5428G-20SFP",
"versionType": "custom"
},
{
"lessThanOrEqual": "V1.1",
"status": "affected",
"version": "5810G",
"versionType": "custom"
},
{
"lessThanOrEqual": "V2.3b",
"status": "affected",
"version": "4706F",
"versionType": "custom"
},
{
"lessThanOrEqual": "V3.0b",
"status": "affected",
"version": "4510",
"versionType": "custom"
},
{
"lessThan": "V1.6",
"status": "affected",
"version": "5310",
"versionType": "custom"
}
]
},
{
"product": "PMI-110-F2G",
"vendor": "Westermo",
"versions": [
{
"lessThan": "V1.8",
"status": "affected",
"version": "unspecified",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "en",
"value": "Coordinated by CERT@VDE"
}
],
"datePublic": "2020-10-07T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-306",
"description": "CWE-306 Missing Authentication for Critical Function",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-02-04T19:06:13.000Z",
"orgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"shortName": "CERTVDE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
],
"solutions": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
},
"title": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products",
"x_generator": {
"engine": "Vulnogram 0.0.9"
},
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "info@cert.vde.com",
"DATE_PUBLIC": "2020-10-07T13:10:00.000Z",
"ID": "CVE-2020-12500",
"STATE": "PUBLIC",
"TITLE": "Pepperl+Fuchs improper authorization affects multiple Comtrol RocketLinx products"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "P+F Comtrol RocketLinx",
"version": {
"version_data": [
{
"version_affected": "=",
"version_name": "ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510-XTE, ES9528/ES9528-XT",
"version_value": "all"
},
{
"version_affected": "\u003c",
"version_name": "ES7510-XT",
"version_value": "2.1.1"
},
{
"version_affected": "\u003c",
"version_name": "ES8510",
"version_value": "3.1.1"
}
]
}
}
]
},
"vendor_name": "Pepperl+Fuchs"
},
{
"product": {
"product_data": [
{
"product_name": "JetNet",
"version": {
"version_data": [
{
"version_affected": "\u003c=",
"version_name": "5428G-20SFP",
"version_value": "V1.0"
},
{
"version_affected": "\u003c=",
"version_name": "5810G",
"version_value": "V1.1"
},
{
"version_affected": "\u003c=",
"version_name": "4706F",
"version_value": "V2.3b"
},
{
"version_affected": "\u003c=",
"version_name": "4510",
"version_value": "V3.0b"
},
{
"version_affected": "\u003c",
"version_name": "5310",
"version_value": "V1.6"
}
]
}
}
]
},
"vendor_name": "Korenix"
},
{
"product": {
"product_data": [
{
"product_name": "PMI-110-F2G",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_value": "V1.8"
}
]
}
}
]
},
"vendor_name": "Westermo"
}
]
}
},
"credit": [
{
"lang": "eng",
"value": "T. Weber (SEC Consult Vulnerability Lab)"
},
{
"lang": "eng",
"value": "Coordinated by CERT@VDE"
}
],
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Improper Authorization vulnerability of Pepperl+Fuchs P+F Comtrol RocketLinx ES7510-XT, ES8509-XT, ES8510-XT, ES9528-XTv2, ES7506, ES7510, ES7528, ES8508, ES8508F, ES8510, ES8510-XTE, ES9528/ES9528-XT (all versions) allows unauthenticated device administration."
}
]
},
"generator": {
"engine": "Vulnogram 0.0.9"
},
"impact": {
"cvss": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-306 Missing Authentication for Critical Function"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://cert.vde.com/de-de/advisories/vde-2020-040",
"refsource": "CONFIRM",
"url": "https://cert.vde.com/de-de/advisories/vde-2020-040"
},
{
"name": "20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2021/Jun/0"
},
{
"name": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/162903/Korenix-CSRF-Backdoor-Accounts-Command-Injection-Missing-Authentication.html"
},
{
"name": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/",
"refsource": "CONFIRM",
"url": "https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-korenix-technology-westermo-pepperl-fuchs/"
},
{
"name": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/165875/Korenix-Technology-JetWave-CSRF-Command-Injection-Missing-Authentication.html"
}
]
},
"solution": [
{
"lang": "en",
"value": "An external protective measure is required.\n\n1) Traffic from untrusted networks to the device should be blocked by a firewall. Especially\ntraffic targeting the administration webpage.\n\n2) Administrator and user access should be protected by a secure password and only be\navailable to a very limited group of people."
}
],
"source": {
"advisory": "VDE-2020-040",
"discovery": "EXTERNAL"
}
}
}
},
"cveMetadata": {
"assignerOrgId": "270ccfa6-a436-4e77-922e-914ec3a9685c",
"assignerShortName": "CERTVDE",
"cveId": "CVE-2020-12500",
"datePublished": "2020-10-15T18:42:54.978Z",
"dateReserved": "2020-04-30T00:00:00.000Z",
"dateUpdated": "2024-09-17T01:10:49.072Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}