CVE-2023-36847

Junos OS: EX Series: A vulnerability in J-Web allows an unauthenticated attacker to upload arbitrary files

CVSS 5.3 MEDIUM | EPSS 84.7% | KEV | CWE-306
In short

A flaw in Juniper EX Series switches allows an unauthenticated attacker on the network to upload files through the J-Web interface without logging in, potentially corrupting part of the file system and enabling further attacks.

Technical detail

Missing authentication in the installAppPackage.php endpoint of J-Web on Junos OS EX Series permits unauthenticated, network-based file upload via HTTP request, compromising file system integrity and potentially enabling privilege escalation or code execution through subsequent vulnerabilities.

Summary generated and translated by AI from the official description.
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity. With a specific request to installAppPackage.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities.

This issue affects Juniper Networks Junos OS on EX Series:

* All versions prior to 20.4R3-S8;
* 21.1 versions 21.1R1 and later;
* 21.2 versions prior to 21.2R3-S6;
* 21.3 versions prior to 21.3R3-S5;
* 21.4 versions prior to 21.4R3-S4;
* 22.1 versions prior to 22.1R3-S3;
* 22.2 versions prior to 22.2R3-S1;
* 22.3 versions prior to 22.3R2-S2, 22.3R3;
* 22.4 versions prior to 22.4R2-S1, 22.4R3.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
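The affected-version list above is the practical input for an exposure check: given the Junos release string reported by an EX switch, is it inside one of the listed ranges? The following is an added example, not code from Juniper or from this page. It transcribes the advisory's ranges into data, parses version strings of the form `MAJOR.MINORRn[-Sm]` (the only form the advisory uses; other Junos suffixes are an assumption it does not handle and are rejected), and treats "prior to X, Y" as "fixed from X within X's R line, and fixed from Y onward". Trains the advisory does not list are reported as not affected by this CVE.

```python
import re
from typing import Dict, List, NamedTuple, Tuple


class JunosVersion(NamedTuple):
    """Junos release number, ordered as a tuple: major.minor R<release> -S<service>."""
    major: int
    minor: int
    release: int
    service: int  # 0 when no -S service release is present


# Handles the forms used in the advisory, e.g. "20.4R3-S8", "22.3R3".
# Assumption: other suffixes (e.g. "-D", ".1" sub-releases) are not modelled.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?$")


def parse_version(text: str) -> JunosVersion:
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Junos version string: {text!r}")
    major, minor, release, service = m.groups()
    return JunosVersion(int(major), int(minor), int(release), int(service or 0))


# Transcribed from the advisory text for CVE-2023-36847 (EX Series).
# "All versions prior to 20.4R3-S8" covers the 20.4 train and everything older.
LEGACY_FIX = "20.4R3-S8"

# Train -> fixed releases. An empty list means the advisory names no fix in
# that train (21.1: "21.1R1 and later" are all affected).
FIXED_BY_TRAIN: Dict[Tuple[int, int], List[str]] = {
    (21, 1): [],
    (21, 2): ["21.2R3-S6"],
    (21, 3): ["21.3R3-S5"],
    (21, 4): ["21.4R3-S4"],
    (22, 1): ["22.1R3-S3"],
    (22, 2): ["22.2R3-S1"],
    (22, 3): ["22.3R2-S2", "22.3R3"],
    (22, 4): ["22.4R2-S1", "22.4R3"],
}


def is_affected(version_text: str) -> bool:
    """Return True if the given Junos EX release falls in an affected range."""
    v = parse_version(version_text)
    train = (v.major, v.minor)

    # Everything up to and including the 20.4 train: fixed from 20.4R3-S8.
    if train <= (20, 4):
        return v < parse_version(LEGACY_FIX)

    # Trains the advisory does not list (e.g. 23.x) are not in scope for this CVE.
    if train not in FIXED_BY_TRAIN:
        return False

    fixes = [parse_version(f) for f in FIXED_BY_TRAIN[train]]
    if not fixes:
        return True  # whole train affected, no fixed release named

    latest = max(fixes)
    for fix in fixes:
        # A fix applies to its own R line (e.g. 22.3R2-S2 fixes 22.3R2-S2+),
        # and the highest-numbered fix (e.g. 22.3R3) fixes everything after it.
        if v >= fix and (v.release == fix.release or fix == latest):
            return False
    return True


def classify(versions: List[str]) -> Dict[str, bool]:
    """Map each version string to its affected status; handy for inventory lists."""
    return {ver: is_affected(ver) for ver in versions}


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    inventory = ["19.4R3-S10", "20.4R3-S8", "21.1R3", "22.3R2-S1", "22.3R3", "23.2R1"]
    for ver, hit in classify(inventory).items():
        print(f"{ver:12s} {'AFFECTED' if hit else 'not affected'}")
```

Keep the table in step with the vendor advisory if it is revised; the logic only encodes the ranges exactly as listed on this page.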
