4 matches found
CVE-2018-0001
A remote, unauthenticated attacker may be able to execute code by exploiting a use-after-free defect found in older versions of PHP through injection of crafted data via specific PHP URLs within the context of the J-Web process. Affected releases are Juniper Networks Junos OS: 12.1X46 versions...
CVE-2016-1265
Juniper Networks Junos Space is affected by CVE-2016-1265. All versions prior to 15.1R3 are vulnerable to remote, unauthenticated exploitation that may allow arbitrary code execution or access to devices managed by Junos Space via vectors including CSRF, default credentials, information disclosur...
CVE-2016-1265 Junos Space: privilege escalation vulnerabilities in Junos Space
A remote unauthenticated network based attacker with access to Junos Space may execute arbitrary code on Junos Space or gain access to devices managed by Junos Space using cross site request forgery CSRF, default authentication credentials, information leak and command injection attack vectors. A...
CVE-2017-10603 Junos OS: Local XML Injection through CLI command can lead to privilege escalation
An XML injection vulnerability in Junos OS CLI can allow a locally authenticated user to elevate privileges and run arbitrary commands as the root user. This issue was found during internal product security testing. Affected releases are Juniper Networks Junos OS 15.1X53 prior to 15.1X53-D47, 15....