Breaking News

High-Severity Flaws in Juniper Junos OS Affect Enterprise Networking Devices


Juniper SSL VPN and Junos OS

Multiple
high-severity
security
flaws
have
been
disclosed
as
affecting
Juniper
Networks
devices,
some
of
which
could
be
exploited
to
achieve
code
execution.

Chief
among
them
is
a
remote
pre-authenticated
PHP
archive
file
deserialization
vulnerability
(CVE-2022-22241,
CVSS
score:
8.1)
in
the
J-Web
component
of
Junos
OS,
according
to
Octagon
Networks
researcher
Paulos
Yibelo.

“This
vulnerability
can
be
exploited
by
an
unauthenticated
remote
attacker
to
get
remote
phar
files
deserialized,
leading
to
arbitrary
file
write,
which
leads
to
a
remote
code
execution
(RCE),”
Yibelo

said
in
a
report
shared
with
The
Hacker
News.

Also
identified
are
five
other
issues,
which
are
listed
as
follow


  • CVE-2022-22242
    (CVSS
    score:
    6.1)

    A
    pre-authenticated
    reflected

    XSS
    on
    the
    error
    page
    (“error.php”),
    allowing
    a
    remote
    adversary
    to
    siphon
    Junos
    OS
    admin
    session
    and
    chained
    with
    other
    flaws
    that
    require
    authentication.

  • CVE-2022-22243
    (CVSS
    score:
    4.3)
    &

    CVE-2022-22244
    (CVSS
    score:
    5.3)

    Two

    XPATH
    injection
    flaws
    that
    exploited
    by
    a
    remote
    authenticated
    attacker
    to
    steal
    and
    manipulate
    Junos
    OS
    admin
    sessions

  • CVE-2022-22245
    (CVSS
    score:
    4.3)

    A
    path
    traversal
    flaw
    that
    could
    permit
    a
    remote
    authenticated
    attacker
    to
    upload
    PHP
    files
    to
    any
    arbitrary
    location,
    in
    a
    manner
    similar
    to
    that
    of
    the
    recently
    disclosed
    RARlab
    UnRAR
    flaw
    (CVE-2022-30333),
    and

  • CVE-2022-22246
    (CVSS
    score:
    7.5)

    A
    local
    file
    inclusion
    vulnerability
    that
    could
    be
    weaponized
    to
    run
    untrusted
    PHP
    code.


CyberSecurity

“This
[CVE-2022-22246]
allows
an
attacker
the
ability
to
include
any
PHP
file
stored
on
the
server,”
Yibelo
noted. “If
this
vulnerability
is
exploited
alongside
the
file
upload
vulnerability,
it
can
lead
to
remote
code
execution.”

Users
of
Juniper
Networks
firewalls,
routers,
and
switches
are
recommended
to

apply
the
latest
software
patch
available
for
Junos
OS
to
mitigate
aforementioned
threats.

“One
or
more
of
these
issues
could
lead
to
unauthorized
local
file
access,
cross-site
scripting
attacks,
path
injection
and
traversal,
or
local
file
inclusion,”
Juniper
Networks

disclosed
in
an
advisory
released
on
October
12,
2022.

The
issues
have
been
addressed
in
Junos
OS
versions
19.1R3-S9,
19.2R3-S6,
19.3R3-S7,
19.4R3-S9,
20.1R3-S5,
20.2R3-S5,
20.3R3-S5,
20.4R3-S4,
21.1R3-S2,
21.3R3,
21.4R3,
22.1R2,
22.2R1,
and
later.

shortenage

Leave a Reply

Your email address will not be published. Required fields are marked *

Powered by WordPress | Bootstrap Themes