6 matches found
Exploit for PHP External Variable Modification in Juniper Junos
PoC exploit for CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847. This exploit targets Juniper JunOS within SRX and EX Series products, achieving Remote Code Execution RCE by chaining four vulnerabilities. The exploit involves uploading an arbitrary PHP file to a restricted director...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36845 This script provides an automated Proof of C...
Exploit for PHP External Variable Modification in Juniper Junos
CVE-2023-36845 PoC Automation Script This script provides an...
Junos OS PHPRC Environment Variable Manipulation RCE
This module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The...
VulnCheck KEV: CVE-2023-36845
Juniper Junos OS on EX Series and SRX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control an important environment variable. Using a crafted request, which sets the variable PHPRC, an attacker is able to modify the...
CVE-2023-36845
A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution...