CVE-2013-6618
Severity CVSS v4.0:
Pending analysis
Type:
CWE-20
Input Validation
Publication date:
05/11/2013
Last modified:
11/04/2025
Description
jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.
Impact
Base Score 2.0
9.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:juniper:junos:*:*:*:*:*:*:*:* | 10.4 (including) | |
| cpe:2.3:o:juniper:junos:10.0:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:10.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:10.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:10.3:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:11.4:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:12.1:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:12.2:*:*:*:*:*:*:* | ||
| cpe:2.3:o:juniper:junos:12.3:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560
- http://secunia.com/advisories/54731
- http://www.exploit-db.com/exploits/29544
- http://www.securityfocus.com/bid/62305
- http://www.securitytracker.com/id/1029016
- http://www.senseofsecurity.com.au/advisories/SOS-13-003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87011
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560
- http://secunia.com/advisories/54731
- http://www.exploit-db.com/exploits/29544
- http://www.securityfocus.com/bid/62305
- http://www.securitytracker.com/id/1029016
- http://www.senseofsecurity.com.au/advisories/SOS-13-003
- https://exchange.xforce.ibmcloud.com/vulnerabilities/87011