Security News > 2023 > August > Hackers exploit critical Juniper RCE bug chain after PoC release

Hackers exploit critical Juniper RCE bug chain after PoC release
2023-08-29 14:51

Hackers are using a critical exploit chain to target Juniper EX switches and SRX firewalls via their Internet-exposed J-Web configuration interface.

One week after Juniper disclosed and released security updates to patch the four flaws that can be chained to achieve remote code execution, watchTowr Labs security researchers released a proof-of-concept exploit targeting the SRX firewall bugs.

While Juniper said there was no evidence of active exploitation, watchTowr Labs said they believe attackers would soon start targeting unpatched Juniper devices in widescale attacks.

As expected, security researchers at the nonprofit internet security organization Shadowserver Foundation revealed today that they'd detected exploitation attempts starting the same day watchTowr Labs' PoC exploit was released.

Exploit released for Juniper firewall bugs allowing RCE attacks.

Hackers exploit BleedingPipe RCE to target Minecraft servers, players.


News URL

https://www.bleepingcomputer.com/news/security/hackers-exploit-critical-juniper-rce-bug-chain-after-poc-release/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Juniper 33 0 325 328 54 707