# Junos OS EX/SRX系列PHP漏洞
## 漏洞概述
Juniper Networks Junos OS的J-Web存在一个PHP外部变量修改漏洞,允许未认证的网络攻击者远程执行代码。攻击者通过构建特殊的请求设置PHPRC变量,可以修改PHP执行环境并注入和执行代码。
## 影响版本
- EX 系列
- SRX 系列
- 所有版本早于 20.4R3-S9
- 21.1 版本,包括 21.1R1 及之后版本
- 21.2 版本,早于 21.2R3-S7
- 21.3 版本,早于 21.3R3-S5
- 21.4 版本,早于 21.4R3-S5
- 22.1 版本,早于 22.1R3-S4
- 22.2 版本,早于 22.2R3-S2
- 22.3 版本,早于 22.3R2-S2, 22.3R3-S1
- 22.4 版本,早于 22.4R2-S1, 22.4R3
- 23.2 版本,早于 23.2R1-S1, 23.2R2
## 漏洞细节
攻击者通过构建特殊的HTTP请求,设置PHPRC环境变量,从而修改PHP执行环境,注入并执行任意代码。
## 影响
该漏洞允许未认证的攻击者通过网络利用此漏洞远程执行代码,可能导致系统完全被控制。
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | A tool to discover Juniper firewalls vulnerable to CVE-2023-36845 | https://github.com/vulncheck-oss/cve-2023-36845-scanner | POC详情 |
| 2 | Juniper Firewalls CVE-2023-36845 - RCE | https://github.com/kljunowsky/CVE-2023-36845 | POC详情 |
| 3 | PoC CVE-2023-36845 on Juniper Device | https://github.com/toanln-cov/CVE-2023-36845 | POC详情 |
| 4 | None | https://github.com/halencarjunior/CVE-2023-36845 | POC详情 |
| 5 | CVE-2023-36845 - Juniper Firewall Remote code execution (RCE) | https://github.com/zaenhaxor/CVE-2023-36845 | POC详情 |
| 6 | None | https://github.com/simrotion13/CVE-2023-36845 | POC详情 |
| 7 | PoC & vulnerability detector for Juniper EX switches and SRX firewalls | https://github.com/WhiteOwl-Pub/PoC-Vuln-Detector-juniper-cve-2023-36845 | POC详情 |
| 8 | CVE-2023-36845 PoC script automates the PoC for CVE-2023-36845 targeting Juniper Networks Junos OS's J-Web component on EX and SRX Series devices. It exploits a PHP flaw, allowing remote modification of the PHPRC variable. Successful exploitation can lead to code injection and execution. | https://github.com/cyberh3als/CVE-2023-36845-POC | POC详情 |
| 9 | Ansible Playbook for CVE-2023-36845 | https://github.com/ditekshen/ansible-cve-2023-36845 | POC详情 |
| 10 | proof of Concept and Vulnerability Detector for CVE-2023-36845 | https://github.com/WhiteOwl-Pub/Juniper-PoC-CVE-2023-36845 | POC详情 |
| 11 | Simple Automation script for juniper cve-2023-36845 | https://github.com/Asbawy/Automation-for-Juniper-cve-2023-36845 | POC详情 |
| 12 | Juniper RCE (Remote Code Execution) CVE-2023-36845 is a vulnerability that has been identified within Juniper's software. This particular flaw allows for remote code execution, meaning an attacker could run arbitrary code on a system without needing physical access to the device. | https://github.com/jahithoque/Juniper-CVE-2023-36845-Mass-Hunting | POC详情 |
| 13 | None | https://github.com/cyb3rzest/Juniper-Bug-Automation-CVE-2023-36845 | POC详情 |
| 14 | None | https://github.com/CharonDefalt/Juniper-exploit-CVE-2023-36845 | POC详情 |
| 15 | CVE-2023-36845 и CVE-2023-36846 Juniper Junos OS J-Web RCE | https://github.com/iveresk/CVE-2023-36845-6- | POC详情 |
| 16 | CVES | https://github.com/ak1t4/CVE-2023-36845 | POC详情 |
| 17 | This Python script automates the Proof of Concept (PoC) for CVE-2023-36845, a vulnerability impacting Juniper Networks Junos OS on EX and SRX Series devices. The vulnerability resides in the J-Web component, allowing remote manipulation of the PHPRC variable, potentially leading to code injection. | https://github.com/0xNehru/CVE-2023-36845-Juniper-Vulnerability | POC详情 |
| 18 | Juniper - Remote Code Execution (CVE-2023-36845) PreAuth-RCE Exploits | https://github.com/imhunterand/CVE-2023-36845 | POC详情 |
| 19 | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to remotely execute code. | https://github.com/ifconfig-me/CVE-2023-36845 | POC详情 |
| 20 | CVE-2023-36845 – Unauthenticated Juniper Remote Code Execution Vulnerability Scanner | https://github.com/e11i0t4lders0n/CVE-2023-36845 | POC详情 |
| 21 | Ansible Playbook for CVE-2023-36845(Juniper Networks Junos OS 远程代码执行漏洞) | https://github.com/CKevens/ansible-cve-2023-36845 | POC详情 |
| 22 | None | https://github.com/Vignesh2712/Automation-for-Juniper-cve-2023-36845 | POC详情 |
| 23 | None | https://github.com/Vignesh2712/utomation-for-Juniper-cve-2023-36845 | POC详情 |
| 24 | Ansible Playbook for CVE-2023-36845(Juniper Networks Junos OS 远程代码执行漏洞) | https://github.com/3yujw7njai/ansible-cve-2023-36845 | POC详情 |
| 25 | Juniper Networks POC Understanding CVE-2023–36845 Remote Code Execution Exploit and Protection | https://github.com/functionofpwnosec/CVE-2023-36845 | POC详情 |
| 26 | A go-exploit to scan for Juniper firewalls vulnerable to CVE-2023-36845 cve-2023-36845, go-exploit | https://github.com/meekchest/cve-2023-36845-scanner | POC详情 |
| 27 | Ansible Playbook for CVE-2023-36845(Juniper Networks Junos OS 远程代码执行漏洞) | https://github.com/AiK1d/ansible-cve-2023-36845 | POC详情 |
| 28 | A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables to execute remote commands | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-36845.yaml | POC详情 |
暂无评论