CVE-2013-6618 Information

Description

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13 11.4 before 11.4R7 12.1 before 12.1R5 12.2 before 12.2R3 and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.

Reference

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10560 http://secunia.com/advisories/54731 http://www.exploit-db.com/exploits/29544 http://www.securityfocus.com/bid/62305 http://www.securitytracker.com/id/1029016 http://www.senseofsecurity.com.au/advisories/SOS-13-003 https://exchange.xforce.ibmcloud.com/vulnerabilities/87011