Juniper Networks Releases Critical Security Update for Routers

Juniper Networks has released out-of-band security updates to address a critical security flaw that could lead to an authentication bypass in some of its routers. The vulnerability, tracked as CVE-2024-2973, carries a CVSS score of 10.0, indicating maximum severity. "An Authentication Bypass Usin...

Juniper SRX Firewalls&EX switches - PreAuth Remote Code Execution Exploit

Exploit Title: juniper-SRX-Firewalls&EX-switches PreAuth-RCE PoC Description: This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo function on the login page of the target device, allowing to inspect the PHP configuration. also this...

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 Description CVE-2023-36845 represen...

Junos OS PHPRC Environment Variable Manipulation RCE

This module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The...

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 Description CVE-2023-36845 represen...