Security News > 2023 > September > Thousands of Juniper Junos firewalls still open to hijacks, exploit code available to all
About 79 percent of public-facing Juniper SRX firewalls remain vulnerable to a single security flaw can allow an unauthenticated attacker to remotely execute code on the devices, according to threat intelligence platform provider VulnCheck.
Juniper revealed and addressed five flaws, which affect all versions of Junos OS on SRX firewalls and EX Series switches, in an out-of-cycle security bulletin on August 17.
It's unclear why Juniper chose to enumerate five CVEs instead of two.
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables.
Juniper did not respond to The Register's inquiries about the new RCE exploit, the confusing CVE descriptions, or the number of still-vulnerable devices.
Despite the flaws in Juniper's kit being known, and shown to be a real threat, VulnCheck believes the majority of affected internet-facing firewalls - about 15,000 devices - still aren't patched.
News URL
https://go.theregister.com/feed/www.theregister.com/2023/09/18/juniper_firewalls_rce/
Related news
- Hackers exploit KerioControl firewall flaw to steal admin CSRF tokens (source)
- Palo Alto Firewalls Found Vulnerable to Secure Boot Bypass and Firmware Exploits (source)
- SonicWall firewall exploit lets hackers hijack VPN sessions, patch now (source)
- SonicWall firewall bug leveraged in attacks after PoC exploit release (source)