// For flags

CVE-2023-23295

 

Severity Score

8.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an modify the sysCmd parameter in order to execute commands as root.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2023-01-11 CVE Reserved
  • 2023-02-23 CVE Published
  • 2024-08-02 CVE Updated
  • 2024-08-02 First Exploit
  • 2024-09-15 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection')
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Korenix
Search vendor "Korenix"
Jetwave 2212g Firmware
Search vendor "Korenix" for product "Jetwave 2212g Firmware"
1.3.t
Search vendor "Korenix" for product "Jetwave 2212g Firmware" and version "1.3.t"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2212g
Search vendor "Korenix" for product "Jetwave 2212g"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2212x Firmware
Search vendor "Korenix" for product "Jetwave 2212x Firmware"
1.3.0
Search vendor "Korenix" for product "Jetwave 2212x Firmware" and version "1.3.0"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2212x
Search vendor "Korenix" for product "Jetwave 2212x"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2212s Firmware
Search vendor "Korenix" for product "Jetwave 2212s Firmware"
1.3.0
Search vendor "Korenix" for product "Jetwave 2212s Firmware" and version "1.3.0"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2212s
Search vendor "Korenix" for product "Jetwave 2212s"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2211c Firmware
Search vendor "Korenix" for product "Jetwave 2211c Firmware"
< 1.6
Search vendor "Korenix" for product "Jetwave 2211c Firmware" and version " < 1.6"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2211c
Search vendor "Korenix" for product "Jetwave 2211c"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2411 Firmware
Search vendor "Korenix" for product "Jetwave 2411 Firmware"
< 1.5
Search vendor "Korenix" for product "Jetwave 2411 Firmware" and version " < 1.5"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2411
Search vendor "Korenix" for product "Jetwave 2411"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2111 Firmware
Search vendor "Korenix" for product "Jetwave 2111 Firmware"
< 1.5
Search vendor "Korenix" for product "Jetwave 2111 Firmware" and version " < 1.5"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2111
Search vendor "Korenix" for product "Jetwave 2111"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2411l Firmware
Search vendor "Korenix" for product "Jetwave 2411l Firmware"
< 1.6
Search vendor "Korenix" for product "Jetwave 2411l Firmware" and version " < 1.6"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2411l
Search vendor "Korenix" for product "Jetwave 2411l"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2111l Firmware
Search vendor "Korenix" for product "Jetwave 2111l Firmware"
< 1.6
Search vendor "Korenix" for product "Jetwave 2111l Firmware" and version " < 1.6"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2111l
Search vendor "Korenix" for product "Jetwave 2111l"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2414 Firmware
Search vendor "Korenix" for product "Jetwave 2414 Firmware"
< 1.4
Search vendor "Korenix" for product "Jetwave 2414 Firmware" and version " < 1.4"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2414
Search vendor "Korenix" for product "Jetwave 2414"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2114 Firmware
Search vendor "Korenix" for product "Jetwave 2114 Firmware"
< 1.4
Search vendor "Korenix" for product "Jetwave 2114 Firmware" and version " < 1.4"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2114
Search vendor "Korenix" for product "Jetwave 2114"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2424 Firmware
Search vendor "Korenix" for product "Jetwave 2424 Firmware"
< 1.3
Search vendor "Korenix" for product "Jetwave 2424 Firmware" and version " < 1.3"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2414
Search vendor "Korenix" for product "Jetwave 2414"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 2460 Firmware
Search vendor "Korenix" for product "Jetwave 2460 Firmware"
< 1.6
Search vendor "Korenix" for product "Jetwave 2460 Firmware" and version " < 1.6"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 2460
Search vendor "Korenix" for product "Jetwave 2460"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 4221hp-e Firmware
Search vendor "Korenix" for product "Jetwave 4221hp-e Firmware"
<= 1.3.0
Search vendor "Korenix" for product "Jetwave 4221hp-e Firmware" and version " <= 1.3.0"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 4221hp-e
Search vendor "Korenix" for product "Jetwave 4221hp-e"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 3220 V3 Firmware
Search vendor "Korenix" for product "Jetwave 3220 V3 Firmware"
< 1.7
Search vendor "Korenix" for product "Jetwave 3220 V3 Firmware" and version " < 1.7"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 3220 V3
Search vendor "Korenix" for product "Jetwave 3220 V3"
--
Safe
Korenix
Search vendor "Korenix"
Jetwave 3420 V3 Firmware
Search vendor "Korenix" for product "Jetwave 3420 V3 Firmware"
< 1.7
Search vendor "Korenix" for product "Jetwave 3420 V3 Firmware" and version " < 1.7"
-
Affected
in Korenix
Search vendor "Korenix"
Jetwave 3420 V3
Search vendor "Korenix" for product "Jetwave 3420 V3"
--
Safe