CyberSec.Space Logo
Back to CVE Browser

CVE-2012-4577

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile0.33th
PublishedAug 21, 2012
Last ModifiedApr 29, 2026

Vulnerability Description

The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.

Affected Platforms (CPE)

πŸ”Œ
Korenix

Jetport

= 5601
πŸ”Œ
Korenix

Jetport

= 5601f
πŸ”Œ
Korenix

Jetport

= 5604
πŸ”Œ
Korenix

Jetport

= 5604i

References & Advisories

πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02
πŸ”— http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity
πŸ”— http://www.securityfocus.com/bid/55196
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/77992
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02
πŸ”— http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02
πŸ”— http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity

Related Vulnerabilities

CVE-2019-97256.1

The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...