Juniper - Remote Code Execution CVE-2023-36845
- Severity
- CVSSv3 Score
- 9.8
- Vulnerability description
Juniper server is vulnerable to CVE-2023-36845, a Remote Code Execution vulnerability. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables. Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities. We have detected this vulnerability by sending a crafted request to upload a php file which executes the php_uname function to extract information about the system.
- Risk description
The risk exists that an unauthenticated remote attacker could gain Remote Code Execution access which will result in a fully compromised server through which they could steal confidential information, install ransomware, or pivot to the internal network.
- Exploit capabilities
Sniper can extract custom artefacts as evidence from the target system.
- Recommendation
Update the Juniper Networks Junos OS server to the latest version.
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Sniper
- Exploitable with Sniper
- Yes
- CVE Published
- Aug 17, 2023
- Detection added at
- Software Type
- Network Management
- Vendor
- Juniper Networks
- Product
- J-Web Juniper Networks Junos