Juniper Junos Space < 24.1R4 Multiple Vulnerabilities (JSA103140)

According to its self-reported version number, the remote Junos Space version is prior to 24.1R4. It is, therefore, affected by multiple vulnerabilities, including the following: - An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper...

Vulnerabilities fixed in Juniper Networks Junos Space

Juniper has fixed vulnerabilities in Junos Space Specifically for all versions prior to 24.1R4. The vulnerabilities are in the way Juniper Networks Junos Space processes user input. Attackers can inject malicious scripts into various pages, such as the Device Template Definition, Global Search, a...

CVE-2025-59981

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the...

EUVD-2025-33386

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the...

CVE-2025-59981

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the...

CVE-2025-59981

CVE-2025-59981 corresponds to a Cross-site Scripting (XSS) flaw in Juniper Networks Junos Space prior to version 24.1R4. The issue arises from improper input neutralization during web page generation on the Device Template Definition page, allowing an attacker to inject script tags that, when vie...

CVE-2025-59981 Junos Space: Device Template Definition page is vulnerable to reflected cross-site script injection

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the...

CVE-2025-59981 Junos Space: Device Template Definition page is vulnerable to reflected cross-site script injection

An Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Juniper Networks Junos Space allows an attacker to inject script tags in the Device Template Definition page that, when visited by another user, enables the attacker to execute commands with the...

CVE-2021-1484

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated, remote attacker to inject arbitrary commands on an affected system and cause a denial of service DoS condition. This vulnerability is due to improper input validation of user-supplied input to the device...

Cisco SD-WAN vMange Command Injection Vulnerability

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in Cisco SD-WAN vMange. The vulnerability stems from the program not properly validating user input...

Cisco SD-WAN 多款产品输入验证错误漏洞

Cisco SD-WAN vManage is a software from Cisco that provides software-defined networking capabilities. The software provides a way to virtualize the network. A command injection vulnerability exists in Cisco SD-WAN vMange. The vulnerability stems from the program not properly validating user input...