CVE-2023-28983
published 2023-04-17

Priority: P259
Severity: high, 8.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS: 1.53% (71.5th percentile)

An OS Command Injection vulnerability in gRPC Network Operations Interface (gNOI) server module of Juniper Networks Junos OS Evolved allows an authenticated, low privileged, network based attacker to inject shell commands and execute code. This issue affects Juniper Networks Junos OS Evolved 21.4 version 21.4R1-EVO and later versions prior to 22.1R1-EVO.

Affected

4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| juniper | junos_os | | |
| juniper | junos_os_evolved | | |
| juniper_networks | junos_os_evolved | >= 21.4R1-EVO < 21.4* | 21.4* |
| juniper_networks | junos_os_evolved | >= 22.1 < 22.1R1-EVO | 22.1R1-EVO |

Detection & IOCs (extracted from sources)

  • Monitor for OS command injection attempts targeting the gRPC Network Operations Interface (gNOI) server module on Juniper Junos OS Evolved devices, originating from authenticated but low-privileged network-based users.
  • Audit and restrict access to the gNOI server module on affected Junos OS Evolved devices; alert on unexpected shell command execution originating from gNOI service processes.
  • Vulnerability only affects Junos OS Evolved versions 21.4R1-EVO and later, up to (but not including) 22.1R1-EVO. Devices running versions outside this range are not affected.
  • Exploitation requires an authenticated, low-privileged account; unauthenticated attackers cannot directly exploit this vulnerability, but any valid low-privilege credential is sufficient.