Juniper Networks updates its Junos OS with fixes for several security flaws, including two PHP vulnerabilities and two PHP external variable modification vulnerabilities.
The company warns that an attacker could use these vulnerabilities to gain remote code execution on compatible installations.
It recommends that customers either disable J-Web or limit access to trusted hosts in order to protect their devices against this kind of malicious behavior.
More details about the vulnerabilities can be found in the release’s Security Advisory.jw1 Web interface allows users to configure, manage, and monitor Junons OS devices.
CVE-ID: 5.3.2.and CVE-ID=5.3 Dependency-Index: 1) Two PHP External Variable Modules Injection Vulnerabilities – Allows an unauthenticated, network-based attacker to control certain environment variables.
As a workaround, Juniper Networks is suggesting that users either disable j-web or restrict access to only trusted hosts.
๐ Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! ๐๏ธ
If not, consider contributing to my caffeine supply at Buy Me a Coffee โ๏ธ.
Your clicks = cosmic support for more awesome content! ๐๐
Leave a Reply