CVE-2023-36844 PoC — Juniper Networks Junos OS EX 安全漏洞

Source

https://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE

Associated Vulnerability

Title:Juniper Networks Junos OS EX 安全漏洞 (CVE-2023-36844)
Description:Juniper Networks Junos OS EX是美国瞻博网络（Juniper Networks）公司的一套专用于该公司的硬件设备的网络操作系统。该操作系统提供了安全编程接口和Junos SDK。 Juniper Networks Junos OS EX存在安全漏洞，该漏洞源于J-Web模块存在PHP外部变量修改漏洞。

Description

A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr .

Readme

# CVE-2023-36844_Juniper_RCE
A Proof of Concept for chaining the CVEs [CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847] to achieve Remote Code Execution (phpinfo) in Juniper JunOS within SRX and EX Series products.Modified from original exploit developed by @watchTowr .

Shodan dork : title:"Juniper" http.favicon.hash:2141724739

File Snapshot


 [4.0K]  /data/pocs/5a32e42c30cdd1f2f396ec6f385e1447ee99fde7
├── [2.4K]  exploit.py
└── [ 346]  README.md

0 directories, 2 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!