.. / CVE-2023-36844

Exploit for Juniper Devices - Remote Code Execution (CVE-2023-36844)

Description:

Multiple cves in Juniper Network (CVE-2023-36844 CVE-2023-36845 CVE-2023-36846 CVE-2023-36847).A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. Utilizing a crafted request an attacker is able to modify certain PHP environments variables leading to partial loss of integrity, which may allow chaining to other vulnerabilities.

Nuclei Template

View the template here CVE-2023-36844.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-36844.yaml
Copy

References:

https://nvd.nist.gov/vuln/detail/CVE-2023-36844
https://supportportal.juniper.net/JSA72300
https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844
https://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/
http://packetstormsecurity.com/files/174865/Juniper-SRX-Firewall-EX-Switch-Remote-Code-Execution.html
http://packetstormsecurity.com/files/174397/Juniper-JunOS-SRX-EX-Remote-Code-Execution.html