CVE-2023-36845
Description
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series
and SRX Series
allows an unauthenticated, network-based attacker to remotely execute code.
Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.
This issue affects Juniper Networks Junos OS on EX Series
and
SRX Series:
* All versions prior to
20.4R3-S9; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S7; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions
prior to
22.1R3-S4; * 22.2 versions
prior to
22.2R3-S2; * 22.3 versions
prior to
22.3R2-S2, 22.3R3-S1; * 22.4 versions
prior to
22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2.
Severity: CRITICAL
CVE ID: CVE-2023-36845
CVSS Score: 9.8
CVSS Metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Proof Of Concept
Nuclei Templates for CVE-2023-36845
Refrence: Project Discovery GitHub
vulncheck-oss
A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845
Refrence: GitHub
kljunowsky
Juniper Firewalls CVE-2023-36845 - RCE
Refrence: GitHub
toanln-cov
PoC CVE-2023-36845 on Juniper Device
Refrence: GitHub
halencarjunior
Refrence: GitHub
zaenhaxor
CVE-2023-36845 - Juniper Firewall Remote code execution (RCE)
Refrence: GitHub
simrotion13
Refrence: GitHub
cyberh3als
CVE-2023-36845 PoC script automates the PoC for CVE-2023-36845 targeting Juniper Networks Junos OS's J-Web component on EX and SRX Series devices. It exploits a PHP flaw, allowing remote modification of the PHPRC variable. Successful exploitation can lead to code injection and execution.
Refrence: GitHub
CKevens
Ansible Playbook for CVE-2023-36845(Juniper Networks Junos OS 远程代码执行漏洞)
Refrence: GitHub
Asbawy
Simple Automation script for juniper cve-2023-36845
Refrence: GitHub
jahithoque
Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device.
Refrence: GitHub
cyb3rzest
Refrence: GitHub
CharonDefalt
Refrence: GitHub
iveresk
CVE-2023-36845 и CVE-2023-36846 Juniper Junos OS J-Web RCE
Refrence: GitHub
ak1t4
CVES
Refrence: GitHub
0xNehru
This Python script automates the Proof of Concept (PoC) for CVE-2023-36845, a vulnerability impacting Juniper Networks Junos OS on EX and SRX Series devices. The vulnerability resides in the J-Web component, allowing remote manipulation of the PHPRC variable, potentially leading to code injection.
Refrence: GitHub
imhunterand
Juniper - Remote Code Execution (CVE-2023-36845) PreAuth-RCE Exploits
Refrence: GitHub
ifconfig-me
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code.
Refrence: GitHub
e11i0t4lders0n
CVE-2023-36845 – Unauthenticated Juniper Remote Code Execution Vulnerability Scanner
Refrence: GitHub
Content on GitHub
r3dcl1ff | watchers:2
CVE-2023-36844_Juniper_RCE
A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr .
Refrence: GitHub
hackingyseguridad | watchers:25
nmap
Detectar vulnerabilidades script con nmap
Refrence: GitHub