Juniper

Pierluigi Paganini November 13, 2023
CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog, five issues impacting Juniper Junos OS and one impacting the SysAid SysAid IT support software. Below is the list […]

Pierluigi Paganini September 19, 2023
12,000 Juniper SRX firewalls and EX switches vulnerable to CVE-2023-36845

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845. In mid-August, Juniper addressed four medium-severity (CVSS 5.3) vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) impacting […]

Pierluigi Paganini August 30, 2023
Threat actors started exploiting Juniper flaws shortly after PoC release

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper […]

Pierluigi Paganini August 28, 2023
Researchers published PoC exploit code for Juniper SRX firewall flaws

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper JunOS on vulnerable […]

Pierluigi Paganini October 28, 2022
Multiple vulnerabilities affect the Juniper Junos OS

Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered in Juniper Networks devices. “Multiple vulnerabilities have been found in the J-Web component of Juniper Networks Junos OS. One or more of these issues could lead to unauthorized local file access, cross-site scripting attacks, path […]

Pierluigi Paganini October 16, 2020
Juniper fixes tens of flaws affecting the Junos OS

Juniper Networks has addressed tens of vulnerabilities, including serious flaws that can be exploited to take over vulnerable systems. Juniper Networks has addressed tens of vulnerabilities, including serious issues that can be exploited to take control of vulnerable systems. The vendor has published 40 security advisories related to security vulnerabilities in the Junos OS operating system […]

Pierluigi Paganini January 11, 2017
Juniper SRX firewalls open a root-level account due to a flaw

Experts at Juniper have discovered that an update for its Juniper SRX firewalls opens a root-level account on the network device. The company started warning its users, every user who issued the “request system software” command with the “partition” option is affected by the issue. The failure of the system update leaves it in a state where root CLI […]

Pierluigi Paganini December 23, 2015
Hackers in the wild attempt to exploit the Juniper Backdoor

A honeypot set up by researchers at the SANS institute has shown that hackers  have already attempted to exploit the Juniper backdoor. Shortly after Juniper posted the advisory related to the presence of unauthorized code in the OS of some of its Firewalls, HD Moore, the developer of the Rapid7′ Metasploit Framework, revealed that approximately 26,000 […]

Pierluigi Paganini December 22, 2015
Who planted the Juniper ScreenOS Authentication Backdoor?

Who planted the Authentication Backdoor in the Juniper ScreenOS? Security experts are making their speculation, but interesting revelations are coming out. While the FBI is investigating the case searching for responsible for the introduction of a backdoor in a number of Juniper network devices, a number of speculation are circulating on the Internet.  Juniper Networks is a […]

Pierluigi Paganini May 12, 2014
Multiple Security Misconfiguration in Juniper Online Service’s Lead to Expose Sensitive data

Security researcher Mohammed Saeed has Identified Multiple Security Misconfiguration in Juniper Online Service’s Lead to Expose Sensitive data and much more. Security researcher Mohammed Osman Saeed has Identified Multiple Security Misconfiguration in Juniper Online Service’s Lead to Expose Sensitive data & Lead to Control four Juniper Load-Balancer been accessed From Remote. He also disclosed Multiple XSS in […]