A Path Traversal vulnerability in the J-Web component of Juniper Networks Junos OS allows an authenticated malicious user to upload arbitrary files to the device by bypassing validation checks built into Junos OS. The attacker should not be able to execute the file due to validation checks built into Junos OS. Successful exploitation of this vulnerability could lead to loss of filesystem integrity. This issue affects Juniper Networks Junos OS: all versions before 19.1R3-S9; 19.2 versions before 19.2R3-S6; 19.3 versions before 19.3R3-S7; 19.4 versions before 19.4R3-S9; 20.1 versions before 20.1R3-S5; 20.2 versions before 20.2R3-S5; 20.3 versions before 20.3R3-S5; 20.4 versions before 20.4R3-S4; 21.1 versions before 21.1R3-S2; 21.2 versions before 21.2R3-S1; 21.3 versions before 21.3R2-S2, 21.3R3; 21.4 versions before 21.4R1-S2, 21.4R2-S1, 21.4R3; 22.1 versions before 22.1R1-S1, 22.1R2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
juniper junos 19.1 |
||
juniper junos 19.2 |
||
juniper junos 19.3 |
||
juniper junos 19.4 |
||
juniper junos 20.1 |
||
juniper junos |
||
juniper junos 20.2 |
||
juniper junos 20.3 |
||
juniper junos 20.4 |
||
juniper junos 21.1 |
||
juniper junos 21.2 |
||
juniper junos 21.3 |
||
juniper junos 21.4 |
||
juniper junos 22.1 |