CyberSec.Space Logo
返回 CVE 浏览器

CVE-2012-4577

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.0140%
EPSS Percentile0.33th
Published2012年8月21日
Last Modified2026年4月29日

Vulnerability Description

The Linux firmware image on (1) Korenix Jetport 5600 series serial-device servers and (2) ORing Industrial DIN-Rail serial-device servers has a hardcoded password of "password" for the root account, which allows remote attackers to obtain administrative access via an SSH session.

Affected Platforms (CPE)

🔌
Korenix

Jetport

= 5601
🔌
Korenix

Jetport

= 5601f
🔌
Korenix

Jetport

= 5604
🔌
Korenix

Jetport

= 5604i

References & Advisories

🔗 http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02
🔗 http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02
🔗 http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity
🔗 http://www.securityfocus.com/bid/55196
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/77992
🔗 http://ics-cert.us-cert.gov/advisories/ICSA-12-263-02
🔗 http://ics-cert.us-cert.gov/advisories/ICSA-12-297-02
🔗 http://www.digitalbond.com/2012/06/13/korenix-and-oring-insecurity

相关漏洞威胁

CVE-2019-97256.1

The Web manager (aka Commander) on Korenix JetPort 5601 and 5601f devices has Persistent XSS via the Port Alias field under Serial...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...

CVE-2026-121895.3

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzm...