A few days ago, information was released about several vulnerabilities identified in the "J-Web" web interface used on Juniper network devices running the JunOS operating system.
The most dangerous of them is CVE-2022-22241, which allows remote code execution on the system without authentication by sending a specially crafted HTTP request.
The essence of the vulnerability is that a user-supplied file path is processed in the script /jsdm/ajax/logging_browse.php without filtering the prefix and content type, at a stage before the authentication check.
An attacker can pass a malicious phar file disguised as an image and execute PHP code placed inside the phar file using the "Phar Deserialization" attack technique.
The problem is that the uploaded file is checked with the is_dir() function. In PHP, this function automatically deserializes the metadata of a Phar file (PHP Archive) when processing paths beginning with "phar://". The same effect occurs when user-supplied file paths are processed by the file_get_contents(), fopen(), file(), file_exists(), md5_file(), filemtime(), and filesize() functions.
The attack is complicated by the fact that, in addition to triggering execution of the phar file, the attacker must find a way to get it onto the device (when accessing /jsdm/ajax/logging_browse.php, one can only specify the path to a file that already exists).
As possible ways of getting files onto the device, the report mentions uploading a phar file disguised as an image via the image transfer service and substituting the file in the web content cache.
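To show the defensive side of the is_dir() issue described above, here is an added example (not J-Web or Juniper code) of the vulnerable check beside a hardened path check; the base directory /var/log/app and the function names are assumptions made for illustration:

```php
<?php
// Added example, not J-Web code: the vulnerable pattern described above next to a
// hardened version. LOG_BASE and the function names are assumptions for illustration.
declare(strict_types=1);

const LOG_BASE = '/var/log/app';   // assumed directory the browser may list

// Vulnerable pattern: the user-controlled path reaches is_dir() untouched.
// With a "phar://..." path (PHP < 8.0) this unserializes the archive's metadata
// before any authentication check has run.
function vulnerable_browse(string $userPath): bool
{
    return is_dir($userPath);
}

// Hardened version: reject stream wrappers, forbid traversal, and confine the
// resolved path to LOG_BASE before touching the filesystem.
function safe_browse(string $userPath): ?string
{
    // 1. Any "scheme://" prefix (phar://, file://, data://, ...) is rejected outright.
    if (preg_match('#^[a-z][a-z0-9+.\-]*://#i', $userPath)) {
        return null;
    }
    // 2. Reject NUL bytes and ".." segments, whichever separator is used.
    if (strpos($userPath, "\0") !== false
        || preg_match('#(^|[\\\\/])\.\.([\\\\/]|$)#', $userPath)) {
        return null;
    }
    // 3. Resolve the path and confirm it stays inside the allowed base directory.
    $resolved = realpath(LOG_BASE . '/' . ltrim($userPath, '/'));
    $base     = realpath(LOG_BASE);
    if ($resolved === false || $base === false) {
        return null;
    }
    $prefix = $base . DIRECTORY_SEPARATOR;
    if (strncmp($resolved, $prefix, strlen($prefix)) !== 0) {
        return null;
    }
    return is_dir($resolved) ? $resolved : null;
}

// Constructed inputs: the second is the shape of path the report describes.
foreach (['subdir', 'phar://uploads/avatar.jpg/x', '../../etc'] as $p) {
    printf("%-32s -> %s\n", $p, safe_browse($p) ?? 'rejected');
}
```

From PHP 8.0 onward, Phar metadata is no longer unserialized automatically by filesystem functions, but the wrapper and traversal checks remain necessary because the path still reaches the filesystem.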
Another vulnerability found is CVE-2022-22242, which can be exploited by an unauthenticated remote attacker to hijack JunOS administration sessions, or used in combination with other vulnerabilities that require authentication. For example, it can be chained with the post-authentication file-write bug that is part of the same report.
CVE-2022-22242 allows unfiltered external parameters to be injected into the output of the error.php script, which enables cross-site scripting and the execution of arbitrary JavaScript code in the user's browser when a link is clicked. The vulnerability could be used to intercept an administrator's session parameters if attackers can get the administrator to open a specially crafted link.
Also mentioned is CVE-2022-22243, which can be exploited by an authenticated remote attacker to manipulate JunOS administration sessions or tamper with the XPATH stream the server uses to communicate with its XML parsers, and CVE-2022-22244, which can likewise be exploited by an authenticated remote attacker to manipulate JunOS administration sessions. In both cases, XPATH expression injection via the scripts jsdm/ajax/wizards/setup/setup.php and /modules/monitor/interfaces/interface.php allows an authenticated user without administrator privileges to manipulate administrator sessions.
The other vulnerabilities disclosed are the following:
- CVE-2022-22245: Because the ".." sequence in paths processed by the Upload.php script is not properly sanitized, an authenticated user can upload their own PHP file into a directory that allows PHP script execution (e.g. by passing the path "fileName=\..\..\..\..\www\dir\new\shell.php").
- CVE-2022-22246: Execution of an arbitrary local PHP file through manipulation of the jrest.php script by an authenticated user; the script uses external parameters to build the name of the file loaded by "require_once()" (for example, "/jrest.php?payload=alol/lol/any\..\..\..\..\any\file"). This lets an attacker include any PHP file stored on the server. Combined with the file upload vulnerability, it can lead to remote code execution.
Finally, users of Juniper devices are advised to install the firmware update and, if that is not possible, to ensure that access to the web interface is blocked from external networks and restricted to trusted hosts only.
If you would like to learn more, you can consult the details at the following link.