Command and Control
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.
With a specific request to
that doesn’t require authentication, an attacker is able to upload arbitrary files via J-Web, leading to a loss of
for a certain part of the file system, which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on SRX Series:
- 22.4 versions prior to 22,4R2-S2, 22.4R3;
- 23.2 versions prior to 23.2R2.