Connect with us

Hi, what are you looking for?



Flaws in Juniper Switches and Firewalls Can Be Chained for Remote Code Execution

Juniper Networks has released Junos OS updates to address J-Web vulnerabilities that can be combined to achieve unauthenticated, remote code execution.

Networking appliances maker Juniper Networks has announced patches for four vulnerabilities in the J-Web interface of Junos OS, which could be combined for unauthenticated, remote code execution.

Tracked as CVE-2023-36844 through CVE-2023-36847, the bugs have a severity rating of ‘medium’. Their chained exploitation, however, is rated ‘critical severity’, Juniper warns in an advisory.

“By chaining exploitation of these vulnerabilities, an unauthenticated, network-based attacker may be able to remotely execute code on the devices,” the company notes.

CVE-2023-36844 and CVE-2023-36845 are described as PHP external variable modification flaws that could allow remote attackers to control environment variables, without authentication.

“Utilizing a crafted request an attacker is able to modify certain PHP environments variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities,” Juniper explains.

CVE-2023-36846 and CVE-2023-36847 are described as missing authentication issues that could allow an attacker to upload arbitrary files, leading to impact on file system integrity.

“With a specific request that doesn’t require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrity for a certain part of the file system, which may allow chaining to other vulnerabilities,” Juniper notes.

Advertisement. Scroll to continue reading.

Disabling the J-Web interface, or limiting access to trusted hosts only should prevent exploitation of these issues, the company says.

The vulnerabilities impact the SRX series firewalls and EX series switches running Junos OS versions prior to 20.4R3-S8, 21.2R3-S6, 21.3R3-S5, 21.4R3-S4, 22.1R3-S3, 22.2R3-S1, 22.3R2-S2, 22.3R3, 22.4R2-S1, 22.4R3, and 23.2R1.

SRX series and EX series users are advised to update their appliances to the latest Junos OS iterations as soon as possible.

Juniper makes no mention of these vulnerabilities being exploited in the wild.

The Cybersecurity and Infrastructure Security Agency (CISA) warns that the exploitation of these vulnerabilities could lead to denial-of-service (DoS) conditions.

Related: Juniper Networks Patches High-Severity Vulnerabilities in Junos OS

Related: Juniper Networks Patches Critical Third-Party Component Vulnerabilities

Related: Juniper Networks Kicks Off 2023 With Patches for Over 200 Vulnerabilities

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.


Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.