8 matches found
CVE-2025-59976
An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...
CVE-2025-59976
An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...
CVE-2025-59976
An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...
CVE-2025-59968
A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that...
CVE-2025-59976 Junos Space: Arbitrary file download vulnerability in web interface
An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...
CVE-2025-59976 Junos Space: Arbitrary file download vulnerability in web interface
An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...
CVE-2025-59976
CVE-2025-59976 affects Juniper Networks Junos Space. A flaw in the web interface allows a network-authenticated attacker to download arbitrary files via crafted GET requests, escaping the JBoss file-path restrictions. All versions before 24.1R3 are affected. Remediation: upgrade to Junos Space 24...
CVE-2025-59968 Junos Space Security Director: Insufficient authorization for sensitive resources in web interface
A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that...