Juniper J-Web Junos OS Vulnerabilities Combined in Cybercrime Attacks
Take action: The quick action became an URGENT action on your Juniper devices: Immediately disable the J-Web inteface or configure it to respond only to trusted internal IP addresses. Start patching ASAP. Or just get hacked. Automatically.
Learn More
Threat actors have initiated the exploitation of four recently patched vulnerabilities within Juniper Networks' Junos OS J-Web component, following the online publication of proof-of-concept (PoC) exploit code.
While individually these vulnerabilities, carried a medium severity score, combined together they were scored as 9.8 on the CVSS3 scoring. Together they allow remote control of environment variables and arbitrary file uploads without authentication.
Although Juniper Networks released patches for these vulnerabilities ten days prior, emphasizing their potential for remote code execution, attacks started on August 25, coinciding with the release of the PoC code.
The exploited vulnerabilities impact SRX series firewalls and EX series switches using Junos OS versions before 20.4R3-S8. Exposure is notable in Asia, North America, and Europe.
