VDB
CVE-2023-36844
CVE-2023-36844
PUBLISHED
KEV
In Juniper JUNOS auf Geräten der EX- und SRX-Serie bestehen mehrere Schwachstellen in der Komponente J-WEB. Sie sind auf eine fehlende Authentifizierung und eine externe PHP-Variablenmodifikation zurückzuführen. Ein entfernter, anonymer Angreifer kann diese Schwachstellen in Kombination ausnutzen, um beliebigen Code auszuführen.
EPSS 94.22% · 99.9th percentile
Risk Scores
EPSS Score
94.22%
99.9th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Juniper | Juniper SRX Series | |
| Juniper | Juniper EX Series |
Exploit Intelligence
- (crowdsec)
- (crowdsec)
- (crowdsec)
- (crowdsec)
- A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr . (github-poc)
- A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr . (github-poc)
- A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr . (github-poc)
- A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr . (github-poc)
- A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr . (github-poc)
- A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr . (github-poc)
…and 135 more exploits
Timeline
- Jan 20, 1970 CrowdSec Sighting
- Jan 20, 1970 CrowdSec Sighting
- Jan 20, 1970 CrowdSec Sighting
- Jan 20, 1970 CrowdSec Sighting
- Jan 21, 1970 CrowdSec Sighting
- Jan 21, 1970 CrowdSec Sighting
- Jan 21, 1970 CrowdSec Sighting
- Jan 21, 1970 CrowdSec Sighting
- Jun 10, 2021 CrowdSec Sighting
- Aug 12, 2021 CrowdSec Sighting
- May 25, 2022 CrowdSec Sighting
- Aug 6, 2022 CrowdSec Sighting
References
- https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-2092.json advisory
- https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-2092 advisory
- https://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/ advisory
- https://supportportal.juniper.net/s/article/2023-08-Out-of-Cycle-Security-Bulletin-Junos-OS-SRX-Series-and-EX-Series-Multiple-vulnerabilities-in-J-Web-can-be-combined-to-allow-a-preAuth-Remote-Code-Execution advisory