CVE-2021-31385— Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root

CVSS 8.8 · High EPSS 0.71% · P72 Updated Feb 25, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2021-31385

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root

Source: NVD (National Vulnerability Database)

Vulnerability Description

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in J-Web of Juniper Networks Junos OS allows any low-privileged authenticated attacker to elevate their privileges to root. This issue affects: Juniper Networks Junos OS 12.3 versions prior to 12.3R12-S19; 15.1 versions prior to 15.1R7-S10; 18.3 versions prior to 18.3R3-S5; 18.4 versions prior to 18.4R3-S9; 19.1 versions prior to 19.1R3-S6; 19.2 versions prior to 19.2R1-S7, 19.2R3-S3; 19.3 versions prior to 19.3R3-S3; 19.4 versions prior to 19.4R3-S5; 20.1 versions prior to 20.1R2-S2, 20.1R3-S1; 20.2 versions prior to 20.2R3-S2; 20.3 versions prior to 20.3R3; 20.4 versions prior to 20.4R2-S1, 20.4R3; 21.1 versions prior to 21.1R1-S1, 21.1R2.

Source: NVD (National Vulnerability Database)

CVSS Information

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Source: NVD (National Vulnerability Database)

Vulnerability Type

对路径名的限制不恰当(路径遍历)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Juniper Networks Junos OS 路径遍历漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Juniper Networks Junos OS是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS 存在路径遍历漏洞，该漏洞源于Juniper Networks Junos OS 的 J-Web 中的路径名限制不当（“路径遍历”）漏洞允许任何低权限的经过身份验证的攻击者将其权限提升到 root。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
Juniper Networks	Junos OS	12.3 ~ 12.3R12-S19	-
Juniper Networks	Junos OS	15.1 ~ 15.1R7-S10	-

II. Public POCs for CVE-2021-31385

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2021-31385

请登录查看更多情报信息。

https://kb.juniper.net/JSA11253x_refsource_CONFIRM
https://nvd.nist.gov/vuln/detail/CVE-2021-31385

Same Patch Batch · Juniper Networks · 2021-10-19 · 42 CVEs total

CVE-2021-31349	9.8 CRITICAL	Session Smart Router: Authentication Bypass Vulnerability
CVE-2021-31372	8.8 HIGH	Junos OS: J-Web allows a locally authenticated attacker to escalate their privileges to ro
CVE-2021-31373	8.0 HIGH	Junos OS: SRX Series: Persistent XSS vulnerability in J-Web
CVE-2021-31355	8.0 HIGH	Junos OS: Stored Cross-Site Scripting (XSS) vulnerability in captive portal
CVE-2021-31359	7.8 HIGH	Junos OS and Junos OS Evolved: Local Privilege Escalation vulnerability
CVE-2021-31358	7.8 HIGH	Junos OS Evolved: shell-injection vulnerabilities in evo_sftp UI wrapper script
CVE-2021-31357	7.8 HIGH	Junos OS Evolved: shell-injection vulnerabilities in evo_tcpdump UI wrapper script
CVE-2021-31356	7.8 HIGH	Junos OS Evolved: Multiple shell-injection vulnerabilities in EVO UI wrapper scripts
CVE-2021-31376	7.5 HIGH	Junos OS: ACX Series: Packet Forwarding Engine manager (FXPC) process crashes when process
CVE-2021-31368	7.5 HIGH	Junos OS: EX2300 Series, EX3400 Series, and ACX710 might become unresponsive if the out-of
CVE-2021-31374	7.5 HIGH	Junos OS and Junos OS Evolved: RPD crash while processing a specially crafted BGP UPDATE o
CVE-2021-31353	7.5 HIGH	Junos OS and Junos OS Evolved: RPD core upon receipt of specific BGP update
CVE-2021-31351	7.5 HIGH	Junos OS: MX Series: Receipt of specific packet on MS-MPC/MS-MIC causes line card reset
CVE-2021-31379	7.5 HIGH	Junos OS: MX Series: MPC 7/8/9/10/11 cards with MAP-E: PFE halts when an attacker sends ma
CVE-2021-31350	7.5 HIGH	Junos OS and Junos OS Evolved: Privilege escalation vulnerability in Juniper Extension Too
CVE-2021-0299	7.5 HIGH	Junos OS: Kernel crash (vmcore) upon receipt of a malformed IPv6 packet
CVE-2021-31383	7.5 HIGH	Junos OS and Junos OS Evolved: In Point to MultiPoint (P2MP) scenarios receipt of various
CVE-2021-0296	7.4 HIGH	CTPView: HSTS not being enforced on CTPView server.
CVE-2021-31384	7.2 HIGH	Junos OS: SRX Series: Under a specific device configuration an attacker can access the dev
CVE-2021-31375	7.2 HIGH	Junos OS: Receipt of a specific BGP update may cause RPKI policy-checks to be bypassed

Showing top 20 of 42 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: Junos OS

Same vendor: Juniper Networks

Same weakness: CWE-22

V. Comments for CVE-2021-31385

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2021-31385— Junos OS: J-Web: A path traversal vulnerability allows an authenticated attacker to elevate their privileges to root

I. Basic Information for CVE-2021-31385

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2021-31385

III. Intelligence Information for CVE-2021-31385

Same Patch Batch · Juniper Networks · 2021-10-19 · 42 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2021-31385

Leave a comment