Exclusive Content:

Thousands of Juniper devices extremely vulnerable

Some known vulnerabilities, not only together but sometimes individually, still pose a threat to thousands of Juniper devices connected to the Internet.

Approximately 12,000 Juniper SRX firewalls and EX Series switches running Junos OS remain highly vulnerable due to a combination of multiple vulnerabilities. Together they pose a serious threat, but some can be exploited individually for an RCE attack (Remote code execution).

Strong together

Overall, the five vulnerabilities all have a fairly light CVSS score of 5.3. However, when they are linked together, this number rises to the critical value of 9.8. Juniper already released this last month, including a number of solutions. This message was last updated on September 7th.

The link was first discovered by security firm watchTowr, which also recently warned Fortinet about several RCE vulnerabilities. They used the CVE-2023-36845 and CVE-2023-36846 vulnerabilities to upload two files to a vulnerable system, creating one RCE attack Initiate something.

Individual threat

Meanwhile, VulnCheck researchers have found out Jacob Baines that there is also a possibility to exploit a single vulnerability (CVE-2023-36845) for an RCE attack. He didn’t even have to upload a file. According to Baines, it is therefore necessary to re-evaluate the CVSS score of each vulnerability.

He shared a free scanner via GitHub to identify vulnerable systems. It turned out there were thousands. VulnCheck scans found that nearly four out of five online-connected Juniper systems are vulnerable to RCE attacks. That would be almost 12,000 in total.

More than a year ago, Juniper also suffered from several vulnerabilities at the same time. It is still advisable to implement updates as quickly as possible.

Source: IT Daily



Don't miss


The overheating problem with new iPhones is real. This doesn't happen to everyone (for example, it doesn't happen even once to...

Samsung introduced its new smartphone, tablet and wireless headphones

South Korean company Samsung introduced its new smartphone Galaxy S23 FE, two tablets Galaxy Tab S9 FE and Tab S9...


Please enter your comment!
Please enter your name here