Arbitrary Command Execution in Juniper Junos J-Web

Arbitrary Command Execution in Juniper Junos J-Web

CVE-2013-6618 · HIGH Severity

AV:N/AC:L/AU:S/C:C/I:C/A:C

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.

Learn more about our Cis Benchmark Audit For Juniper.