Security News

Networking hardware company Juniper Networks has released an "Out-of-cycle" security update to address multiple flaws in the J-Web component of Junos OS that could be combined to achieve remote code execution on susceptible installations. They affect all versions of Junos OS on SRX and EX Series.

Multiple high-severity security flaws have been disclosed as affecting Juniper Networks devices, some of which could be exploited to achieve code execution.Chief among them is a remote pre-authenticated PHP archive file deserialization vulnerability in the J-Web component of Junos OS, according to Octagon Networks researcher Paulos Yibelo.