H1-2182202 — Vulnetix

H1-2182202 PUBLISHED

Remote code execution [CVE-2023-36845]

Exploit Intelligence

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. (github-poc-repo)
Vignesh2712/Automation-for-Juniper-cve-2023-36845 (github-poc-repo)
A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845 (github-poc-repo)
Juniper JunOS J-Web PHP external variable modification (CVE-2023-36845) exploit. (github-poc-repo)
Juniper JunOS J-Web PHP external variable modification (CVE-2023-36845) exploit. (github-poc)
Vignesh2712/Automation-for-Juniper-cve-2023-36845 (github-poc)
CVE-2023-36845 – Unauthenticated Juniper Remote Code Execution Vulnerability Scanner (github-poc)
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. (github-poc)
This Python script automates the Proof of Concept (PoC) for CVE-2023-36845, a vulnerability impacting Juniper Networks Junos OS on EX and SRX Series devices. The vulnerability resides in the J-Web component, allowing remote manipulation of the PHPRC variable, potentially leading to code injection. (github-poc)
CVES (github-poc)

…and 20 more exploits

Timeline

Oct 9, 2024 CVE Published
Oct 9, 2024 PoC Published

References

Remote code execution [CVE-2023-36845] advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›