Juniper Networks Junos OS Evolved Privilege Escalation and OS Command Injection Vulnerability

A vulnerability allowing improper neutralization of special elements used in OS command execution has been identified in the CLI of Juniper Networks Junos OS Evolved. This OS command injection vulnerability could be exploited to elevate privileges and execute unauthorized commands. The issue arises when crafted CLI commands are processed via scripts that lack proper security hardening, potentially allowing injected commands to be executed through the shell. This vulnerability affects Junos OS Evolved versions 24.2 prior to 24.2R2-S2-EVO and 24.4 prior to 24.4R2-EVO. Versions earlier than 24.2R1-EVO are not affected.

Impact

Exploitation of this vulnerability could lead to unauthorized command execution and privilege escalation within the affected Junos OS Evolved environment.