Juniper

Pierluigi Paganini March 12, 2025
China-linked APT UNC3886 targets EoL Juniper routers

Mandiant researchers warn that China-linked actors are deploying custom backdoors on Juniper Networks Junos OS MX routers. In mid-2024, Mandiant identified custom backdoors on Juniper Networks’ Junos OS routers, and attributed the attacks to a China-linked espionage group tracked as UNC3886. These TINYSHELL-based backdoors had various capabilities, including active and passive access and a script to […]

Pierluigi Paganini February 18, 2025
Juniper Networks fixed a critical flaw in Session Smart Routers

Juniper Networks has addressed a critical vulnerability, tracked as CVE-2025-21589, impacting the Session Smart Router. Juniper Networks addressed a critical authentication bypass vulnerability, tracked as CVE-2025-21589 (CVSS score of 9.8), affecting its Session Smart Router product. “An Authentication Bypass Using an Alternate Path or Channel vulnerability in Juniper Networks Session Smart Router may allow a network-based […]

Pierluigi Paganini January 24, 2025
J-magic malware campaign targets Juniper routers

Threat actors are targeting Juniper routers with a custom backdoor in a campaign called code-named “J-magic,” attackers are exploiting a Magic Packet flaw. Lumen Technologies researchers reported that the J-magic campaign targets Juniper routers with a custom backdoor using a passive agent based on the cd00r variant (an open-source backdoor by fx). It activates upon detecting […]

Pierluigi Paganini November 13, 2023
CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog

US CISA added four vulnerabilities (tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847) in Juniper devices to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added six new vulnerabilities to its Known Exploited Vulnerabilities catalog, five issues impacting Juniper Junos OS and one impacting the SysAid SysAid IT support software. Below is the list […]

Pierluigi Paganini September 19, 2023
12,000 Juniper SRX firewalls and EX switches vulnerable to CVE-2023-36845

Researchers discovered approximately 12,000 Juniper SRX firewalls and EX switches vulnerable to a recently disclosed CVE-2023-36845 RCE flaw. VulnCheck researchers discovered approximately 12,000 internet-exposed Juniper SRX firewalls and EX switches that are vulnerable to the recently disclosed remote code execution flaw CVE-2023-36845. In mid-August, Juniper addressed four medium-severity (CVSS 5.3) vulnerabilities (CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847) impacting […]

Pierluigi Paganini August 30, 2023
Threat actors started exploiting Juniper flaws shortly after PoC release

Threat actors started using the exploit chain in attacks on Juniper EX switches and SRX firewalls shortly after the release of the PoC code. This week, watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper […]

Pierluigi Paganini August 28, 2023
Researchers published PoC exploit code for Juniper SRX firewall flaws

Researchers published a PoC exploit code for Juniper SRX firewall flaws that can be chained to gain RCE in Juniper’s JunOS. watchTowr Labs security researchers published a proof-of-concept exploit (PoC) exploit code for vulnerabilities in Juniper SRX firewalls. An unauthenticated attacker can chain the vulnerabilities to gain remote code execution in Juniper JunOS on vulnerable […]

Pierluigi Paganini October 28, 2022
Multiple vulnerabilities affect the Juniper Junos OS

Juniper Networks devices are affected by multiple high-severity issues, including code execution vulnerabilities. Multiple high-severity security vulnerabilities have been discovered in Juniper Networks devices. “Multiple vulnerabilities have been found in the J-Web component of Juniper Networks Junos OS. One or more of these issues could lead to unauthorized local file access, cross-site scripting attacks, path […]

Pierluigi Paganini October 16, 2020
Juniper fixes tens of flaws affecting the Junos OS

Juniper Networks has addressed tens of vulnerabilities, including serious flaws that can be exploited to take over vulnerable systems. Juniper Networks has addressed tens of vulnerabilities, including serious issues that can be exploited to take control of vulnerable systems. The vendor has published 40 security advisories related to security vulnerabilities in the Junos OS operating system […]

Pierluigi Paganini January 11, 2017
Juniper SRX firewalls open a root-level account due to a flaw

Experts at Juniper have discovered that an update for its Juniper SRX firewalls opens a root-level account on the network device. The company started warning its users, every user who issued the “request system software” command with the “partition” option is affected by the issue. The failure of the system update leaves it in a state where root CLI […]