CVE-2020-1611

MEDIUM

Juniper Networks Junos Space <19.4R1 - Local File Inclusion

Title source: llm

Description

A Local File Inclusion vulnerability in Juniper Networks Junos Space allows an attacker to view all files on the target when the device receives malicious HTTP packets. This issue affects: Juniper Networks Junos Space versions prior to 19.4R1.

Exploits (1)

nomisec WORKING POC 29 stars

by Ibonok · poc

https://github.com/Ibonok/CVE-2020-1611

View Code ZIP pw:eip

References (2)

Core 2

Core References

Vendor Advisory x_refsource_misc

https://kb.juniper.net/JSA10993

Permissions Required x_refsource_misc

https://prsearch.juniper.net/InfoCenter/index?page=prcontent&id=PR1449224

Scores

CVSS v3 6.5

EPSS 0.0518

EPSS Percentile 89.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

Status published

Products (9)

juniper/junos_space 17.1 r1

juniper/junos_space 17.2 r1

juniper/junos_space 18.1 r1

juniper/junos_space 18.2 r1

juniper/junos_space 18.3 r1

juniper/junos_space 18.4 r1

juniper/junos_space 19.1 r1

juniper/junos_space 19.2 r1

juniper/junos_space 19.3 r1

Published Jan 15, 2020

Tracked Since Feb 18, 2026