CVE-2020-1631
Juniper Junos OS Path Traversal Vulnerability
CVSS
—
No CVSS
EPSS
4.7%
p91
KEV
YES
Mar 25, 2022
Exploit Today
77
0-100
Published: — · Last modified: —
4.7%EPSS · 30 days4.7%
2026-06-302026-07-16
Product
Juniper / Junos OS
Vulnerability
Juniper Junos OS Path Traversal Vulnerability
Added to KEV
Mar 25, 2022
Remediate by
Apr 15, 2022
Known ransomware use
No
Summary description
A path traversal vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN), Firewall Authentication Pass-Through with Web-Redirect, and Zero Touch Provisioning (ZTP) allows an unauthenticated attacker to perform remote code execution.
Required action
Apply updates per vendor instructions.
Notes
https://nvd.nist.gov/vuln/detail/CVE-2020-1631
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2023-36846—99.8%
KEV—80Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability—CVE-2023-36845—99.8%
KEV—80Juniper Junos OS EX Series and SRX Series PHP External Variable Modification Vulnerability—CVE-2023-36844—99.8%
KEV—80Juniper Junos OS EX Series PHP External Variable Modification Vulnerability—CVE-2023-36847—99.7%
KEV—80Juniper Junos OS EX Series Missing Authentication for Critical Function Vulnerability—CVE-2025-21590—74.0%
KEV—72Juniper Junos OS Improper Isolation or Compartmentalization Vulnerability—CVE-2023-36851—61.6%
KEV—68Juniper Junos OS SRX Series Missing Authentication for Critical Function Vulnerability—