Multiple high-severity safety flaws have been disclosed as affecting Juniper Networks gadgets, a few of which may very well be exploited to realize code execution.
Chief amongst them is a distant pre-authenticated PHP archive file deserialization vulnerability (CVE-2022-22241, CVSS rating: 8.1) within the J-Web part of Junos OS, in response to Octagon Networks researcher Paulos Yibelo.
“This vulnerability may be exploited by an unauthenticated distant attacker to get distant phar recordsdata deserialized, resulting in arbitrary file write, which ends up in a distant code execution (RCE),” Yibelo mentioned in a report shared with The Hacker News.
Also recognized are 5 different points, that are listed as comply with –
- CVE-2022-22242 (CVSS rating: 6.1) – A pre-authenticated mirrored XSS on the error web page (“error.php”), permitting a distant adversary to siphon Junos OS admin session and chained with different flaws that require authentication.
- CVE-2022-22243 (CVSS rating: 4.3) & CVE-2022-22244 (CVSS rating: 5.3) – Two XPATH injection flaws that exploited by a distant authenticated attacker to steal and manipulate Junos OS admin periods
- CVE-2022-22245 (CVSS rating: 4.3) – A path traversal flaw that would allow a distant authenticated attacker to add PHP recordsdata to any arbitrary location, in a way just like that of the just lately disclosed RARlab UnRAR flaw (CVE-2022-30333), and
- CVE-2022-22246 (CVSS rating: 7.5) – An area file inclusion vulnerability that may very well be weaponized to run untrusted PHP code.
“This [CVE-2022-22246] permits an attacker the power to incorporate any PHP file saved on the server,” Yibelo famous. “If this vulnerability is exploited alongside the file add vulnerability, it will possibly result in distant code execution.”
Users of Juniper Networks firewalls, routers, and switches are really useful to apply the newest software program patch out there for Junos OS to mitigate aforementioned threats.
“One or extra of those points may result in unauthorized native file entry, cross-site scripting assaults, path injection and traversal, or native file inclusion,” Juniper Networks disclosed in an advisory launched on October 12, 2022.
The points have been addressed in Junos OS variations 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, and later.