Juniper Ex9208
20 CVEs affecting Juniper Ex9208. Latest disclosed: 2026-04-09. Critical: 2, High: 7.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-0211 | Critical | 10.0 | 2021-01-15 | An improper check for unusual or exceptional conditions in Juniper Networks Junos OS and Junos OS Evolved Routing Protocol Daemon (RPD) service allows an attac… |
CVE-2019-0006 | Critical | 9.8 | 2019-01-15 | A certain crafted HTTP packet can trigger an uninitialized function pointer deference vulnerability in the Packet Forwarding Engine manager (fxpc) on all EX, Q… |
CVE-2024-39565 | High | 8.8 | 2024-07-10 | An Improper Neutralization of Data within XPath Expressions ('XPath Injection') vulnerability in J-Web shipped with Juniper Networks Junos OS allows an unauthe… |
CVE-2024-21620 | High | 8.8 | 2024-01-25 | An Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in J-Web of Juniper Networks Junos OS on SRX Series and E… |
CVE-2018-0043 | High | 8.8 | 2018-10-10 | Receipt of a specific MPLS packet may cause the routing protocol daemon (RPD) process to crash and restart or may lead to remote code execution. By continuousl… |
CVE-2022-22221 | High | 7.8 | 2022-07-20 | An Improper Neutralization of Special Elements vulnerability in the download manager of Juniper Networks Junos OS on SRX Series and EX Series allows a locally… |
CVE-2024-47497 | High | 7.5 | 2024-10-11 | An Uncontrolled Resource Consumption vulnerability in the http daemon (httpd) of Juniper Networks Junos OS on SRX Series, QFX Series, MX Series and EX Series a… |
CVE-2019-0062 | High | 7.5 | 2019-10-09 | A session fixation vulnerability in J-Web on Junos OS may allow an attacker to use social engineering techniques to fix and hijack a J-Web administrators web s… |
CVE-2018-15504 | High | 7.5 | 2018-08-18 | An issue was discovered in Embedthis GoAhead before 4.0.1 and Appweb before 7.0.2. The server mishandles some HTTP request fields associated with time, which r… |
CVE-2021-0290 | Medium | 6.5 | 2021-07-15 | Improper Handling of Exceptional Conditions in Ethernet interface frame processing of Juniper Networks Junos OS allows an attacker to send specially crafted fr… |
CVE-2021-0289 | Medium | 6.5 | 2021-07-15 | When user-defined ARP Policer is configured and applied on one or more Aggregated Ethernet (AE) interface units, a Time-of-check Time-of-use (TOCTOU) Race Cond… |
CVE-2021-0288 | Medium | 6.5 | 2021-07-15 | A vulnerability in the processing of specific MPLS packets in Juniper Networks Junos OS on MX Series and EX9200 Series devices with Trio-based MPCs (Modular Po… |
CVE-2026-33773 | Medium | 5.8 | 2026-04-09 | An Incorrect Initialization of Resource vulnerability in the packet forwarding engine (pfe) of Juniper Networks Junos OS on specific EX Series and QFX Series d… |
CVE-2025-60007 | Medium | 5.5 | 2026-01-15 | A NULL Pointer Dereference vulnerability in the chassis daemon (chassisd) of Juniper Networks Junos OS on MX, SRX and EX Series allows a local attacker with lo… |
CVE-2024-21619 | Medium | 5.3 | 2024-01-25 | A Missing Authentication for Critical Function vulnerability combined with a Generation of Error Message Containing Sensitive Information vulnerability in J-We… |
CVE-2024-21607 | Medium | 5.3 | 2024-01-12 | An Unsupported Feature in the UI vulnerability in Juniper Networks Junos OS on MX Series and EX9200 Series allows an unauthenticated, network-based attacker t… |
CVE-2023-36851 | Medium | 5.3 | 2023-09-27 | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to ca… |
CVE-2023-36847 | Medium | 5.3 | 2023-08-17 | A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cau… |
CVE-2023-36844 | Medium | 5.3 | 2023-08-17 | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to cont… |
CVE-2014-9708 | | 2015-03-31 | Embedthis Appweb before 4.6.6 and 5.x before 5.2.1 allows remote attackers to cause a denial of service (NULL pointer dereference) via a Range header with an e… |