cve/2013/CVE-2013-6618.md

### [CVE-2013-6618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6618)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.

### POC

#### Reference
- http://www.exploit-db.com/exploits/29544
- http://www.senseofsecurity.com.au/advisories/SOS-13-003

#### Github
No PoCs found on GitHub currently.
Update Sun May 26 14:27:04 CEST 2024 2024-05-26 14:27:05 +02:00			`### [CVE-2013-6618](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6618)`
			`![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)`

			`### Description`

			`jsdm/ajax/port.php in J-Web in Juniper Junos before 10.4R13, 11.4 before 11.4R7, 12.1 before 12.1R5, 12.2 before 12.2R3, and 12.3 before 12.3R1 allows remote authenticated users to execute arbitrary commands via the rsargs parameter in an exec action.`

			`### POC`

			`#### Reference`
			`- http://www.exploit-db.com/exploits/29544`
			`- http://www.senseofsecurity.com.au/advisories/SOS-13-003`

			`#### Github`
			`No PoCs found on GitHub currently.`