Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2025/10/10 4:20 p.m.5 views

CVE-2025-59976

An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...

7.1CVSS6.6AI score0.00266EPSS
Exploits0References1
NVD
NVD
added 2025/10/09 4:15 p.m.10 views

CVE-2025-59976

An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...

7.1CVSS0.00266EPSS
Exploits0References1
OSV
OSV
added 2025/10/09 4:15 p.m.3 views

CVE-2025-59976

An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...

7.1CVSS5.9AI score0.00266EPSS
Exploits0References1
OSV
OSV
added 2025/10/09 4:15 p.m.4 views

CVE-2025-59968

A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that...

7.7CVSS5.8AI score
Exploits0References2
Vulnrichment
Vulnrichment
added 2025/10/09 3:59 p.m.4 views

CVE-2025-59976 Junos Space: Arbitrary file download vulnerability in web interface

An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...

7.1CVSS6.3AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/10/09 3:59 p.m.8 views

CVE-2025-59976 Junos Space: Arbitrary file download vulnerability in web interface

An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space allows a network-based authenticated attacker using a crafted GET method to access any file on the file system. Using specially crafted GET methods, an attacker can gain access to files beyond the file...

7.1CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added 2025/10/09 3:59 p.m.21 views

CVE-2025-59976

CVE-2025-59976 affects Juniper Networks Junos Space. A flaw in the web interface allows a network-authenticated attacker to download arbitrary files via crafted GET requests, escaping the JBoss file-path restrictions. All versions before 24.1R3 are affected. Remediation: upgrade to Junos Space 24...

7.1CVSS6.3AI score0.00266EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2025/10/09 3:48 p.m.6 views

CVE-2025-59968 Junos Space Security Director: Insufficient authorization for sensitive resources in web interface

A Missing Authorization vulnerability in the Juniper Networks Junos Space Security Director allows an unauthenticated network-based attacker to read or modify metadata via the web interface. Tampering with this metadata can result in managed SRX Series devices permitting network traffic that...

8.6CVSS0.00284EPSS
Exploits0References2
Rows per page
Query Builder