CVE-2023-5376 - Korenix JetNet TFTP Improper Authentication

google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.

Apache License 2.0

860 stars 178 forks source link

CVE-2023-5376 - Korenix JetNet TFTP Improper Authentication #394

Closed Isaac-GC closed 4 months ago

Isaac-GC commented 4 months ago

Hi team,

I'd like to get started on CVE-2023-5376 which affects Korenix JetNet industrial switches.

Description:

An Improper Authentication vulnerability in Korenix JetNet TFTP allows abuse of this service. This issue affects JetNet devices older than firmware version 2024/01.

References:

https://www.tenable.com/cve/CVE-2023-5376
http://seclists.org/fulldisclosure/2024/Jan/11

tooryx commented 4 months ago

Hi @Isaac-GC,

Apologies for the delay and as usual thank you for willing to contribute. We are currently not interested in that CVE. I will reopen this issue if things change on our end. In the meantime, feel free to suggest other CVE if you have anything that you would be interested to work on.

~tooryx