High-Severity Juniper Junos OS Flaws Impact Enterprise Networking Devices
It has come to light that several Juniper Networks devices are susceptible to high-severity security weaknesses, some of which may be exploited to allow for the execution of arbitrary code.
According to the findings of an Octagon Networks researcher named Paulos Yibelo, the most serious of these flaws is a remote pre-authenticated PHP archive file deserialization vulnerability (CVE-2022-22241, CVSS score: 8.1) that exists in the J-Web component of the Junos OS.
In a report that was sent to The Hacker News, Yibelo said that "this vulnerability may be exploited by an unauthenticated remote attacker to obtain remote phar files deserialized, leading to arbitrary file write, which leads to a remote code execution (RCE)."
In addition to these problems, there have been shown to be the following five problems:
CVE-2022-22242 is a vulnerability that has a CVSS score of 6.1. It is a reflected cross-site scripting attack (XSS) that is pre-authenticated and is located on the error page ("error.php"). This flaw allows a remote attacker to syphon a Junos OS admin session when chained with other vulnerabilities that also require authentication.
Two XPATH injection weaknesses, CVE-2022-22243 (CVSS score: 4.3) and CVE-2022-22244 (CVSS score: 5.3), were exploited by a remote authenticated attacker in order to steal and alter Junos OS administrative sessions.
CVE-2022-22245 is a path traversal vulnerability that has a CVSS score of 4.3 and could allow a remote authenticated attacker to upload PHP files to any arbitrary location. This flaw operates in a manner that is comparable to the recently disclosed RARlab UnRAR flaw (CVE-2022-30333). CVE-2022-22246 is a local file inclusion vulnerability that has a CVSS score of 7.5 and could be exploited to run untrusted PHP code.
Yibelo made the observation that "this [CVE-2022-22246] offers an attacker the ability to include any PHP file stored on the server." [CVE-2022-22246] "Remote code execution is a potential outcome if this vulnerability is exploited in conjunction with the file upload issue," says the researcher.
It is highly suggested that users of Juniper Networks firewalls, routers, and switches install the most recent software patch that is available for the Junos OS in order to protect themselves against the dangers described above.
Juniper Networks reported this information in an advisory that was published on October 12, 2022. The advice said, "One or more of these flaws might lead to unauthorised local file access, cross-site scripting attacks, path injection and traversal, or local file inclusion."
Version 19 of the Junos operating system includes fixes for the problems.
1R2, 22.2R1, and subsequent releases.