Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
prionPRIOn knowledge basePRION:CVE-2023-36844
HistoryAug 17, 2023 - 8:15 p.m.

Code injection

2023-08-1720:15:00
PRIOn knowledge base
www.prio-n.com
11
code injection
network-based attacker
environment variables
integrity loss
vulnerability chaining
juniper networks junos os
ex series
version affected

7 High

AI Score

Confidence

Low

0.714 High

EPSS

Percentile

98.1%

JSON

A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.

Using a crafted request an attacker is able to modify

certain PHP environment variablesย leading to partial loss of integrity,ย which may allow chaining to other vulnerabilities.
This issue affects Juniper Networks Junos OS on EX Series:

  • All versions prior to 20.4R3-S9;
  • 21.1 versions 21.1R1 and later;
  • 21.2 versions prior to 21.2R3-S7;
  • 21.3 versions

prior to

21.3R3-S5;

  • 21.4 versions

prior to

21.4R3-S5;

  • 22.1 versions

prior to

22.1R3-S4;

  • 22.2 versions

prior to

22.2R3-S2;

  • 22.3 versions

prior to 22.3R3-S1;

  • 22.4 versions

prior to

22.4R2-S2, 22.4R3;

  • 23.2 versions prior to

23.2R1-S1, 23.2R2.

CPENameOperatorVersion
junoslt20.4
junoseq20.4
junoseq20.4
junoseq20.4 r1
junoseq20.4
junoseq20.4 r2
junoseq20.4
junoseq20.4 r3
junoseq20.4
junoseq20.4
Rows per page:
1-10 of 1781

Related

githubexploit 3
nessus 2
nvd 1
cve 1
cisa_kev 1
cvelist 1
zdt 1
packetstorm 1
attackerkb 2
metasploit 1
nuclei 2
thn 4
rapid7blog 1
avleonov 1
githubexploit
githubexploit
Exploit for PHP External Variable Modification in Juniper Junos
2023-08-25 07:28:06
Exploit for PHP External Variable Modification in Juniper Junos
2023-09-24 13:30:09
Exploit for PHP External Variable Modification in Juniper Junos
2023-09-20 02:32:56
nessus
nessus
Juniper Junos OS Pre-Auth RCE (JSA72300)
2023-12-08 00:00:00
Juniper Junos OS Pre-Auth RCE (JSA72300)
2023-08-25 00:00:00
nvd
nvd
CVE-2023-36844
2023-08-17 20:15:10
cve
cve
CVE-2023-36844
2023-08-17 20:15:10
cisa_kev
cisa_kev
Juniper Junos OS EX Series PHP External Variable Modification Vulnerability
2023-11-13 00:00:00
cvelist
cvelist
CVE-2023-36844 Junos OS: EX Series: A PHP vulnerability in J-Web allows an unauthenticated attacker to control important environment variables
2023-08-17 19:17:47
zdt
zdt
Juniper SRX Firewall / EX Switch Remote Code Execution Exploit
2023-10-02 00:00:00
packetstorm
packetstorm
Juniper SRX Firewall / EX Switch Remote Code Execution
2023-10-02 00:00:00
attackerkb
attackerkb
CVE-2023-36845
2023-08-17 00:00:00
CVE-2023-36844
2023-08-17 00:00:00
metasploit
metasploit
Junos OS PHPRC Environment Variable Manipulation RCE
2023-09-20 20:47:05
nuclei
nuclei
Juniper J-Web - Remote Code Execution
2023-09-19 01:54:05
Juniper Devices - Remote Code Execution
2023-08-26 07:36:41
thn
thn
New Juniper Junos OS Flaws Expose Devices to Remote Attacks - Patch Now
2023-08-19 07:38:00
Nearly 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
2023-09-19 09:30:00
CISA Sets a Deadline - Patch Juniper Junos OS Flaws Before November 17
2023-11-14 06:03:00
rapid7blog
rapid7blog
Exploitation of Juniper Networks SRX Series and EX Series Devices
2023-08-31 20:23:59
avleonov
avleonov
August 2023: GitHub PoCs, Vulristics, Qualys First-Party, Tenable ExposureAI, SC Awards and Rapid7, Anglo-Saxon list, MS Patch Tuesday, WinRAR, Juniper
2023-08-30 16:15:31

7 High

AI Score

Confidence

Low

0.714 High

EPSS

Percentile

98.1%

JSON
Related for PRION:CVE-2023-36844
githubexploit3nessus2nvd1cve1cisa_kev1cvelist1zdt1packetstorm1attackerkb2metasploit1nuclei2thn4rapid7blog1avleonov1