2 matches found
Juniper Junos J-Web Sajax Remote Code Execution (JSA10560)
According to its self-reported version number, the remote Junos device is affected by a remote code execution vulnerability due to a lack of validation when passing input from the 'rs' parameter to the '/jsdm/ajax/port.php' script. Authenticated users, when J-Web is enabled, can execute arbitrary...
CVE-2013-6618
CVE-2013-6618 affects Juniper Junos J-Web (Sajax) via jsdm/ajax/port.php. The root cause is a lack of input validation in the Sajax handle client request that processes the rsargs parameter in an exec action, enabling remote authenticated users to execute arbitrary commands with administrative pr...