Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
junos vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2021-31384
Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an attacker who attempts to access J-Web administrative interfaces can successfully...
Juniper Junos 20.4
Juniper Junos 21.1
10
CVSSv3
CVE-2021-0248
This issue is not applicable to NFX NextGen Software. On NFX Series devices the use of Hard-coded Credentials in Juniper Networks Junos OS allows an malicious user to take over any instance of an NFX deployment. This issue is only exploitable through administrative interfaces. Th...
Juniper Junos
Juniper Junos 19.1
10
CVSSv3
CVE-2021-0211
An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an malicious user to send a valid BGP FlowSpec message thereby causing an unexpected change in the route advertisements within th...
Juniper Junos 17.3
Juniper Junos 17.4
Juniper Junos 18.1
Juniper Junos 18.2
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos Os Evolved 19.2
Juniper Junos Os Evolved 19.3
Juniper Junos Os Evolved 19.4
Juniper Junos Os Evolved 20.1
Juniper Junos Os Evolved 20.2
Juniper Junos Os Evolved 20.3
Juniper Junos 15.1x49
Juniper Junos 15.1x49-d30
Juniper Junos 15.1x49-d60
10
CVSSv3
CVE-2020-1614
A Use of Hard-coded Credentials vulnerability exists in the NFX250 Series for the vSRX Virtual Network Function (VNF) instance, which allows an malicious user to take control of the vSRX VNF instance if they have the ability to access an administrative service (e.g. SSH) on the V...
Juniper Junos
Juniper Junos 19.2
10
CVSSv3
CVE-2019-0007
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was ...
Juniper Junos 15.1
9.9
CVSSv3
CVE-2020-1660
When DNS filtering is enabled on Juniper Networks Junos MX Series with one of the following cards MS-PIC, MS-MIC or MS-MPC, an incoming stream of packets processed by the Multiservices PIC Management Daemon (mspmand) process, responsible for managing "URL Filtering service&q...
Juniper Junos 17.3
Juniper Junos 18.3
Juniper Junos 18.4
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
9.8
CVSSv3
CVE-2024-21591
An Out-of-bounds Write vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and EX Series allows an unauthenticated, network-based malicious user to cause a Denial of Service (DoS), or Remote Code Execution (RCE) and obtain root privileges on the device. This issue ...
Juniper Junos 20.4
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
Juniper Junos
Juniper Junos 22.4
1 Article
9.8
CVSSv3
CVE-2023-36845
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based malicious user to remotely execute code. Using a crafted request which sets the variable PHPRC an attacker is able to modi...
Juniper Junos
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos 22.2
Juniper Junos 22.3
Juniper Junos 22.4
20 Github repositories
1 Article
9.8
CVSSv3
CVE-2023-28962
An Improper Authentication vulnerability in upload-file.php, used by the J-Web component of Juniper Networks Junos OS allows an unauthenticated, network-based malicious user to upload arbitrary files to temporary folders on the device. This issue affects Juniper Networks Junos OS...
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
Juniper Junos
Juniper Junos 22.2
Juniper Junos 22.3
9.8
CVSSv3
CVE-2022-22241
An Improper Input Validation vulnerability in the J-Web component of Juniper Networks Junos OS may allow an unauthenticated malicious user to access data without proper authorization. Utilizing a crafted POST request, deserialization may occur which could lead to unauthorized loc...
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
Juniper Junos 21.4
Juniper Junos 22.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-3675
CVE-2024-3400
CVE-2024-23557
mass assignment
CVE-2023-1389
local file inclusion
CVE-2024-32596
file upload
CVE-2024-32593
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »