CVE-2023-36845 PoC — Juniper Networks Junos OS EX 安全漏洞

Source

https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-36845.yaml

Associated Vulnerability

Title:Juniper Networks Junos OS EX 安全漏洞 (CVE-2023-36845)
Description:Juniper Networks Junos OS EX是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS EX存在安全漏洞，该漏洞源于J-Web模块存在PHP外部变量修改漏洞。

Description

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain environments variables to execute remote commands

File Snapshot


 id: CVE-2023-36845

info:
  name: Juniper J-Web - Remote Code Execution
  author: yaser_s
  severity

...

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!