Korenix Jetwave 2212s Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Korenix Jetwave 2212s Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2021-39280 — CVSS 8.8 (high): Certain Korenix JetWave devices allow authenticated users to execute arbitrary code as root via /syscmd.asp. This affects 2212X before…
CVE-2023-23294 — CVSS 8.8 (high): Korenix JetWave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection. An attacker can modify the file_name…
CVE-2023-23295 — CVSS 8.8 (high): Korenix Jetwave 4200 Series 1.3.0 and JetWave 3000 Series 1.6.0 are vulnerable to Command Injection via /goform/formSysCmd. An attacker an…
CVE-2023-23296 — CVSS 6.5 (medium): Korenix JetWave 4200 Series 1.3.0 and JetWave 3200 Series 1.6.0 are vulnerable to Denial of Service via /goform/formDefault.