VYPR
Unrated severityNVD Advisory· Published Oct 18, 2022· Updated May 9, 2025

Junos OS: Path traversal vulnerability in J-Web

CVE-2022-22245

Description

A Path Traversal vulnerability in the J-Web component of Juniper Networks Junos OS allows an authenticated attacker to upload arbitrary files to the device by bypassing validation checks built into Junos OS. The attacker should not be able to execute the file due to validation checks built into Junos OS. Successful exploitation of this vulnerability could lead to loss of filesystem integrity. This issue affects Juniper Networks Junos OS: all versions prior to 19.1R3-S9; 19.2 versions prior to 19.2R3-S6; 19.3 versions prior to 19.3R3-S7; 19.4 versions prior to 19.4R3-S9; 20.1 versions prior to 20.1R3-S5; 20.2 versions prior to 20.2R3-S5; 20.3 versions prior to 20.3R3-S5; 20.4 versions prior to 20.4R3-S4; 21.1 versions prior to 21.1R3-S2; 21.2 versions prior to 21.2R3-S1; 21.3 versions prior to 21.3R2-S2, 21.3R3; 21.4 versions prior to 21.4R1-S2, 21.4R2-S1, 21.4R3; 22.1 versions prior to 22.1R1-S1, 22.1R2.

Affected products

2
  • Juniper Networks/Junosllm-fuzzy2 versions
    <19.1R3-S9; <19.2R3-S6; <19.3R3-S7; <19.4R3-S9; <20.1R3-S5; <20.2R3-S5; <20.3R3-S5; <20.4R3-S4; <21.1R3-S2; <21.2R3-S1; <21.3R2-S2; <21.4R1-S2; <22.1R2+ 1 more
    • (no CPE)range: <19.1R3-S9; <19.2R3-S6; <19.3R3-S7; <19.4R3-S9; <20.1R3-S5; <20.2R3-S5; <20.3R3-S5; <20.4R3-S4; <21.1R3-S2; <21.2R3-S1; <21.3R2-S2; <21.4R1-S2; <22.1R2
    • (no CPE)range: unspecified

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.