7.4
CVE-2024-30210 - IOSIX IO-1020 Micro ELD Use of Default Credentials
IO-1020 Micro ELD uses a default WIFI password that could allow an adjacent attacker to connect to the device.
7.1
CVE-2024-30388 - Junos OS: QFX5000 Series and EX Series: Specific malformed LACP packets will cause flaps
An Improper Isolation or Compartmentalization vulnerability in the Packet Forwarding Engine (pfe) of Juniper Networks Junos OS on QFX5000 Series and EX Series allows an unauthenticated, adjacent attacker to cause a Denial of Service (DoS). If a specific malformed LACP packet is received by a QFX50…
8.7
CVE-2024-30392 - Junos OS: MX Series with SPC3 and MS-MPC/-MIC: When URL filtering is enabled and a specific URL req…
A Stack-based Buffer Overflow vulnerability in Flow Processing Daemon (flowd) of Juniper Networks Junos OS allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). On all Junos OS MX Series platforms with SPC3 and MS-MPC/-MIC, when URL filtering is enabled and a specific…
8.7
CVE-2024-30394 - Junos OS and Junos OS Evolved: A specific EVPN type-5 route causes rpd crash
A Stack-based Buffer Overflow vulnerability in the Routing Protocol Daemon (RPD) component of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause an rpd crash, leading to Denial of Service (DoS). On all Junos OS and Junos OS Evolved platforms, when EVPN is conf…
8.7
CVE-2024-30395 - Junos OS and Junos OS Evolved: A malformed BGP tunnel encapsulation attribute will lead to an rpd c…
An Improper Validation of Specified Type of Input vulnerability in Routing Protocol Daemon (RPD) of Junos OS and Junos OS Evolved allows an unauthenticated, network-based attacker to cause Denial of Service (DoS). If a BGP update is received over an established BGP session which contains a tunnel …
8.7
CVE-2024-30405 - Junos OS: SRX 5000 Series with SPC2: Processing of specific crafted packets when ALG is enabled cau…
An Incorrect Calculation of Buffer Size vulnerability in Juniper Networks Junos OS SRX 5000 Series devices using SPC2 line cards while ALGs are enabled allows an attacker sending specific crafted packets to cause a transit traffic Denial of Service (DoS). Continued receipt and processing of these …
6.7
CVE-2024-30406 - Junos OS Evolved: ACX Series with Paragon Active Assurance Test Agent: A local high privileged atta…
A Cleartext Storage in a File on Disk vulnerability in Juniper Networks Junos OS Evolved ACX Series devices using the Paragon Active Assurance Test Agent software installed on network devices allows a local, authenticated attacker with high privileges to read all other users login credentials. Thi…
9.2
CVE-2024-30407 - [Child CVE] JCNR and cRPD: Hard-coded SSH host keys in cRPD may allow Person-in-the-Middle (PitM) a…
The Use of a Hard-coded Cryptographic Key vulnerability in Juniper Networks Juniper Cloud Native Router (JCNR) and containerized routing Protocol Deamon (cRPD) products allows an attacker to perform Person-in-the-Middle (PitM) attacks which results in complete compromise of the container. Due to …
6.9
CVE-2024-30409 - Junos OS and Junos OS Evolved: Higher CPU consumption on routing engine leads to Denial of Service …
An Improper Check for Unusual or Exceptional Conditions vulnerability in telemetry processing of Juniper Networks Junos OS and Junos OS Evolved allows a network-based authenticated attacker to cause the forwarding information base telemetry daemon (fibtd) to crash, leading to a limited Denial of Se…
6.9
CVE-2024-30410 - Junos OS: EX4300 Series: Loopback filter not blocking traffic despite having discard term.
An Incorrect Behavior Order in the routing engine (RE) of Juniper Networks Junos OS on EX4300 Series allows traffic intended to the device to reach the RE instead of being discarded when the discard term is set in loopback (lo0) interface. The intended function is that the lo0 firewall filter takes…