3 results (0.027 seconds)

CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 1

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root. • https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetwave-series • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •

CVSS: 6.5EPSS: 0%CPEs: 30EXPL: 1

Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault. • https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetwave-series • CWE-400: Uncontrolled Resource Consumption •

CVSS: 8.8EPSS: 0%CPEs: 30EXPL: 1

Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name parameter to execute commands as root. • https://cyberdanube.com/en/en-multiple-vulnerabilities-in-korenix-jetwave-series • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •