Lucene search
K

6 matches found

Gitee
Gitee
added 2024/04/30 10:13 a.m.51 views

Exploit for PHP External Variable Modification in Juniper Junos

PoC exploit for CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847. This exploit targets Juniper JunOS within SRX and EX Series products, achieving Remote Code Execution RCE by chaining four vulnerabilities. The exploit involves uploading an arbitrary PHP file to a restricted director...

9.8CVSS8.7AI score0.94205EPSS
Exploits28
GithubExploit
GithubExploit
added 2024/02/14 12:47 p.m.385 views

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 This script provides an automated Proof of C...

9.8CVSS9.8AI score0.93546EPSS
Exploits25
GithubExploit
GithubExploit
added 2023/10/02 6:28 a.m.346 views

Exploit for PHP External Variable Modification in Juniper Junos

CVE-2023-36845 PoC Automation Script This script provides an...

9.8CVSS9.7AI score0.93546EPSS
Exploits25
Metasploit
Metasploit
added 2023/09/29 7:51 p.m.347 views

Junos OS PHPRC Environment Variable Manipulation RCE

This module exploits a PHP environment variable manipulation vulnerability affecting Juniper SRX firewalls and EX switches. The affected Juniper devices run FreeBSD and every FreeBSD process can access their stdin by opening /dev/fd/0. The exploit also makes use of two useful PHP features. The...

9.8CVSS8AI score0.93546EPSS
Exploits27
VulnCheck KEV
VulnCheck KEV
added 2023/08/29 12:0 a.m.7 views

VulnCheck KEV: CVE-2023-36845

Juniper Junos OS on EX Series and SRX Series contains a PHP external variable modification vulnerability that allows an unauthenticated, network-based attacker to control an important environment variable. Using a crafted request, which sets the variable PHPRC, an attacker is able to modify the...

9.8CVSS7AI score0.93546EPSS
Exploits25References1
OSV
OSV
added 2023/08/17 8:15 p.m.4 views

CVE-2023-36845

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution...

9.8CVSS5.9AI score0.93546EPSS
Exploits25References4
Rows per page
Query Builder