1.9 KiB
CVE-2023-36846
Description
A Missing Authentication for Critical Function vulnerability in Juniper Networks Junos OS on SRX Series allows an unauthenticated, network-based attacker to cause limited impact to the file system integrity.With a specific request to user.php that doesn't require authentication an attacker is able to upload arbitrary files via J-Web, leading to a loss of integrityfor a certain part of the file system, which may allow chaining to other vulnerabilities.This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 20.4R3-S8; * 21.1 versions 21.1R1 and later; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S3; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3; * 22.4 versions prior to 22.4R2-S1, 22.4R3.
POC
Reference
Github
- https://github.com/Chocapikk/CVE-2023-36846
- https://github.com/Dreamy-elfland/CVE-2023-36846
- https://github.com/Ostorlab/KEV
- https://github.com/Ostorlab/known_exploited_vulnerbilities_detectors
- https://github.com/devmehedi101/bugbounty-CVE-Report
- https://github.com/iveresk/CVE-2023-36845-6-
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE
- https://github.com/securi3ytalent/bugbounty-CVE-Report
- https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844