Heimdal Security Blog

Multiple Vulnerabilities Discovered in Juniper Junos OS

A series of severe security flaws affecting Juniper Networks devices has been disclosed, some of which could be exploited to achieve unauthorized access or remote code execution.

Of the vulnerabilities presented in the vendor's advisory, the most dangerous appears to be CVE-2022-22241, a remote pre-authenticated PHP archive file deserialization vulnerability with a CVSS score of 8.1. The flaw is in the J-Web component of Junos OS, according to Octagon Networks researcher Paulos Yibelo. Attackers could exploit this vulnerability by sending a crafted POST request that triggers deserialization, which in turn leads to remote code execution (RCE).

The five other vulnerabilities that have been identified are as follows:

According to The Hacker News, these issues have already been addressed in Junos OS versions 19.1R3-S9, 19.2R3-S6, 19.3R3-S7, 19.4R3-S9, 20.1R3-S5, 20.2R3-S5, 20.3R3-S5, 20.4R3-S4, 21.1R3-S2, 21.3R3, 21.4R3, 22.1R2, 22.2R1, and later.

As a workaround, the advisory recommends disabling J-Web or limiting access to trusted hosts only. Additionally, any Junos OS devices should be updated to the latest version to mitigate these vulnerabilities.
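To triage a fleet against the fixed releases listed above, the following added example (not from the article or from Juniper) classifies each device's Junos OS version string. The version format it parses, the reading of "and later" as covering newer release trains, and the inventory hostnames and versions are assumptions made for the example.

```python
import re

# Fixed releases exactly as listed in the article, one per release train.
FIXED = ["19.1R3-S9", "19.2R3-S6", "19.3R3-S7", "19.4R3-S9", "20.1R3-S5",
         "20.2R3-S5", "20.3R3-S5", "20.4R3-S4", "21.1R3-S2", "21.3R3",
         "21.4R3", "22.1R2", "22.2R1"]

# Assumed version form: <major>.<minor>R<release>[-S<service release>]
_VERSION = re.compile(r"^(\d+)\.(\d+)R(\d+)(?:-S(\d+))?$")

def parse(version):
    """Return ((major, minor), (release, service)) or None if the form differs."""
    m = _VERSION.match(version.strip())
    if m is None:
        return None
    major, minor, rel, svc = m.groups()
    return (int(major), int(minor)), (int(rel), int(svc or 0))

FIXED_BY_TRAIN = dict(parse(v) for v in FIXED)
NEWEST_TRAIN = max(FIXED_BY_TRAIN)

def check(version):
    """Classify one version string against the article's fixed-release list."""
    parsed = parse(version)
    if parsed is None:
        return "unparsed"        # e.g. special builds; review by hand
    train, release = parsed
    if train > NEWEST_TRAIN:
        return "fixed"           # assumption: "and later" covers newer trains
    if train not in FIXED_BY_TRAIN:
        return "not-listed"      # article names no fixed release for this train
    return "fixed" if release >= FIXED_BY_TRAIN[train] else "below-fix"

# Constructed inventory: hostnames and versions are made up for the example.
INVENTORY = {
    "edge-fw-01": "19.4R3-S8",
    "edge-fw-02": "20.4R3-S4",
    "core-rtr-01": "21.2R3",
    "core-rtr-02": "22.3R1",
    "lab-srx-01": "15.1X49-D150",
}

def audit(inventory):
    """Map each host to its status so non-'fixed' devices can be triaged."""
    return {host: check(ver) for host, ver in inventory.items()}

if __name__ == "__main__":
    for host, status in sorted(audit(INVENTORY).items()):
        print(f"{host:12} {INVENTORY[host]:14} {status}")
```

Devices reported as `below-fix`, `not-listed` or `unparsed` are the ones to check against the vendor advisory and, until patched, to cover with the J-Web workaround.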
