"Juniper Networks Fixes Flaws Leading To RCE in Firewalls and Switches"

Juniper Networks has patched four vulnerabilities, tracked as CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, and CVE-2023-36847, in Junos OS that, if chained, could enable Remote Code Execution (RCE) on the company's SRX firewalls and EX switches. Junos OS is an operating system based on Linux and FreeBSD that runs on firewalls, network switches, and other security devices offered by Juniper Networks. J-Web, a Graphical User Interface (GUI), is the component affected by the vulnerabilities. It is used to manage devices running Junos. Juniper noted that an unauthenticated, network-based attacker could remotely execute code on the devices by chaining exploits of these vulnerabilities. This article continues to discuss the potential exploitation and impact of the Junos OS vulnerabilities.

Help Net Security reports "Juniper Networks Fixes Flaws Leading To RCE in Firewalls and Switches"