For vulnerabilities in Juniper SRX firewalls that, when combined, might give unauthenticated attackers remote code execution in Juniper’s JunOS on unpatched devices, proof-of-concept exploit code has been made available to the public.
Juniper revealed four moderately serious issues in its SRX firewalls and EX switches and issued security updates two weeks ago. The PHP-based J-Web interface that administrators can use to manage and configure Juniper devices on their networks was determined to have security issues.
An attacker can upload arbitrary files via J-Web with a specific request that doesn’t require authentication, resulting in a loss of integrity for a certain portion of the file system, which may allow chaining to other vulnerabilities read more Exploit released for Juniper firewall bugs allowing RCE attacks.
Stay informed with the best cybersecurity news and raise your cybersecurity awareness with our comprehensive coverage of the latest threats, breaches, and solutions.
Juniper revealed four moderately serious issues in its SRX firewalls and EX switches and issued security updates two weeks ago.
The PHP-based J-Web interface that administrators can use to manage and configure Juniper devices on their networks was determined to have security issues.
An attacker can upload arbitrary files via J-Web with a specific request that doesn’t require authentication, resulting in a loss of integrity for a certain portion of the file system read more Exploit released for Juniper firewall bugs allowing RCE attacks