Unrated severityNVD Advisory· Published Nov 5, 2013· Updated Apr 29, 2026

CVE-2013-6618

Description

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.

Affected products

Juniper Networks/Junos9 versions
cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*+ 8 more
- cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:*range: <=10.4
- cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:*
- cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.securityfocus.com/bid/62305nvdExploit
www.senseofsecurity.com.au/advisories/SOS-13-003nvdExploitURL Repurposed
kb.juniper.net/InfoCenter/indexnvdVendor Advisory
secunia.com/advisories/54731nvdVendor Advisory
www.exploit-db.com/exploits/29544nvd
www.securitytracker.com/id/1029016nvd
exchange.xforce.ibmcloud.com/vulnerabilities/87011nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.007
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000