Skip to main content
CVE-2021-31384 CRITICAL Act Now

Due to a Missing Authorization weakness and Insufficient Granularity of Access Control in a specific device configuration, a vulnerability exists in Juniper Networks Junos OS on SRX Series whereby an. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Juniper Authentication Bypass Junos
NVD
CVSS 3.1
10.0
EPSS
1.1%
CVE-2021-31349 CRITICAL Act Now

The usage of an internal HTTP header created an authentication bypass vulnerability (CWE-287), allowing an attacker to view internal files, change settings, manipulate services and execute arbitrary. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

RCE Juniper Authentication Bypass 128 Technology Session Smart Router Firmware
NVD
CVSS 3.1
9.8
EPSS
1.7%
CVE-2021-30820 CRITICAL Act Now

A logic issue was addressed with improved state management. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apple RCE Ipados Iphone Os
NVD
CVSS 3.1
9.8
EPSS
2.2%
CVE-2021-38474 CRITICAL Act Now

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 have has no account lockout policy configured for the login page of the product. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Ir615 Firmware
NVD
CVSS 3.1
9.8
EPSS
0.7%
CVE-2021-38462 CRITICAL Act Now

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 does not enforce an efficient password policy. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Brute Force Ir615 Firmware
NVD
CVSS 3.1
9.8
EPSS
1.1%
CVE-2021-31381 CRITICAL PATCH Act Now

A configuration weakness in the JBoss Application Server (AppSvr) component of Juniper Networks SRC Series allows a remote attacker to send a specially crafted query to cause the web server to delete. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Juniper Session And Resource Control
NVD
CVSS 3.1
9.1
EPSS
1.1%
CVE-2021-38478 CRITICAL Act Now

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a traceroute tool to inject commands into the device. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ir615 Firmware
NVD
CVSS 3.1
9.1
EPSS
1.1%
CVE-2021-38470 CRITICAL Act Now

InHand Networks IR615 Router's Versions 2.3.0.r4724 and 2.3.0.r4870 are vulnerable to an attacker using a ping tool to inject commands into the device. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Command Injection Ir615 Firmware
NVD
CVSS 3.1
9.1
EPSS
1.1%
CVE-2021-31382 CRITICAL Act Now

On PTX1000 System, PTX10002-60C System, after upgrading to an affected release, a Race Condition vulnerability between the chassis daemon (chassisd) and firewall process (dfwd) of Juniper Networks. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

Information Disclosure Race Condition Juniper Junos
NVD
CVSS 3.1
9.0
EPSS
0.6%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy