Lucene search
+L

378 matches found

bdu_fstec
bdu_fstec
added 2023/07/06 12:0 a.m.10 views

The vulnerability of the J-Web interface in Juniper Networks Junos OS allows a hacker to read arbitrary files.

The vulnerability of the J-Web interface in Juniper Networks Junos OS systems is related to incorrect authentication. Exploiting this vulnerability allows a remote attacker to read arbitrary files...

5.3CVSS6.1AI score0.00482EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2023/06/28 12:0 a.m.8 views

The vulnerability of the J-Web interface of Juniper Networks Junos OS allows a attacker to load arbitrary files into temporary directories on the device.

The vulnerability of the J-Web interface in Juniper Networks Junos OS systems is related to improper authentication. Exploiting this vulnerability allows a malicious actor, who lacks valid authentication, to upload arbitrary files to temporary directories on the device...

10CVSS7.9AI score0.00559EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2023/06/13 12:0 a.m.8 views

The vulnerability in the J-Web web interface of Juniper Networks’ Junos operating system, which allows a perpetrator to gain unauthorized access to the protected system

The vulnerability of the J-Web web interface of Juniper Networks’ Junos operating system is related to insufficient neutralization of certain elements. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to the protected system through a...

5.3CVSS6.2AI score0.0049EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2023/06/13 12:0 a.m.7 views

The vulnerability in the web interface of the Juniper Networks Junos OS operating system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability in the J-Web web interface of the Juniper Networks Junos OS system is related to improper input validation. Exploiting this vulnerability allows an attacker, operating remotely, to gain unauthorized access to protected information by adding an XPath command to the XPath stream...

4.3CVSS5.8AI score0.00435EPSS
Exploits0References4Affected Software1
bdu_fstec
bdu_fstec
added 2023/06/13 12:0 a.m.7 views

The vulnerability in the J-Web web interface of Juniper Networks’ Junos operating system, which allows a hacker to upload arbitrary files.

The vulnerability of the J-Web web interface of Juniper Networks’ Junos operating system relates to the exploitation of a relative path. Exploiting this vulnerability allows a malicious actor to upload arbitrary files remotely...

4.3CVSS5.9AI score0.00619EPSS
Exploits0References4Affected Software1
nessus
nessus
added 2023/04/25 12:0 a.m.63 views

Juniper Junos OS Multiple Vulnerabilities (JSA70587)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA70587 advisory. - An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based...

9.8CVSS6.9AI score0.00559EPSS
Exploits0References6
osv
osv
added 2023/04/17 10:15 p.m.5 views

CVE-2023-28962

An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...

9.8CVSS5.9AI score0.00559EPSS
Exploits0References1
osv
osv
added 2023/04/17 10:15 p.m.5 views

CVE-2023-28963

An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...

5.3CVSS6.2AI score0.00482EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/17 12:0 a.m.9 views

CVE-2023-28962 Junos OS: Unauthenticated access vulnerability in J-Web

An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...

5.3CVSS7AI score0.00559EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2023/04/17 12:0 a.m.8 views

CVE-2023-28963 Junos OS: User-controlled input vulnerability in J-Web

An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...

5.3CVSS5.4AI score0.00482EPSS
Exploits0References1
cnnvd
cnnvd
added 2023/04/17 12:0 a.m.10 views

Juniper Networks Junos OS 授权问题漏洞

Juniper Networks Junos OS is a Juniper Networks network operating system for the company's hardware devices. The OS provides a secure programming interface and the Junos SDK. An authorization issue vulnerability exists in Juniper Networks Junos OS, which is caused by improper authentication in th...

5.3CVSS5.8AI score0.00482EPSS
Exploits0References2
cvelist
cvelist
added 2023/04/17 12:0 a.m.30 views

CVE-2023-28963 Junos OS: User-controlled input vulnerability in J-Web

An Improper Authentication vulnerability in cert-mgmt.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to read arbitrary files from temporary folders on the device. This issue affects Juniper Networks Junos OS: All versions prior to...

5.3CVSS5.6AI score0.00482EPSS
Exploits0References1
thn
thn
added 2022/10/28 2:30 p.m.155 views

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices

Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution. Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability CVE-2022-22241, CVSS score: 8.1 in the J-Web...

9.8CVSS1.6AI score0.98975EPSS
Exploits12
nessus
nessus
added 2022/10/28 12:0 a.m.48 views

Juniper Junos OS Multiple Vulnerabilities (JSA69899)

The version of Junos OS installed on the remote host is affected by multiple vulnerabilities as referenced in the JSA69899 advisory. - An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS may allow an unauthenticated attacker to access data without proper...

9.8CVSS6.9AI score0.02468EPSS
Exploits0References10
bdu_fstec
bdu_fstec
added 2022/10/26 12:0 a.m.8 views

The vulnerability of the J-Web interface in Juniper Networks Junos OS allows attackers to execute cross-site scripting attacks.

The vulnerability of the J-Web interface in Juniper Networks Junos OS operating systems is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

9CVSS5.6AI score0.00658EPSS
Exploits0References3Affected Software1
bdu_fstec
bdu_fstec
added 2022/10/26 12:0 a.m.7 views

The vulnerability of the J-Web interface in Juniper Networks Junos OS allows attackers to execute cross-site scripting attacks.

The vulnerability of the J-Web interface in Juniper Networks Junos OS operating systems is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...

9CVSS6AI score0.00705EPSS
Exploits0References3Affected Software1
osv
osv
added 2022/10/18 3:15 a.m.11 views

CVE-2022-22242

A Cross-site Scripting XSS vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker to run malicious scripts reflected off of J-Web to the victim's browser in the context of their session within J-Web. This issue affects Juniper Networks Junos OS all...

6.1CVSS5.8AI score0.02468EPSS
Exploits0References1
nvd
nvd
added 2022/10/18 3:15 a.m.37 views

CVE-2022-22242

A Cross-site Scripting XSS vulnerability in the J-Web component of Juniper Networks Junos OS allows an unauthenticated attacker to run malicious scripts reflected off of J-Web to the victim's browser in the context of their session within J-Web. This issue affects Juniper Networks Junos OS all...

6.1CVSS0.02468EPSS
Exploits0References1
osv
osv
added 2022/10/18 3:15 a.m.9 views

CVE-2022-22246

A PHP Local File Inclusion LFI vulnerability in the J-Web component of Juniper Networks Junos OS may allow a low-privileged authenticated attacker to execute an untrusted PHP file. By chaining this vulnerability with other unspecified vulnerabilities, and by circumventing existing attack...

8.8CVSS5.8AI score0.00639EPSS
Exploits0References1
osv
osv
added 2022/10/18 3:15 a.m.8 views

CVE-2022-22243

An XPath Injection vulnerability due to Improper Input Validation in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to add an XPath command to the XPath stream, which may allow chaining to other unspecified vulnerabilities, leading to a partial loss of...

4.3CVSS5.8AI score0.00435EPSS
Exploits0References1
Rows per page
Query Builder