CVE-2023-36846

Vulnerability updated 4 months ago (2024-05-04T18:47:30.690Z)
CVE-2023-36846 is a pre-authentication arbitrary file upload vulnerability in Juniper Networks devices running Junos OS. The flaw allows an unauthenticated request to upload an arbitrary PHP file into a restricted directory, where it is stored under a randomized file name. Security researchers at watchTowr Labs used it to compromise a test system and demonstrate the risk it poses. Their investigation focused on two Juniper vulnerabilities, CVE-2023-36846 and CVE-2023-36845, both of which were described in Juniper's security advisory. CVE-2023-36846 is classified as missing authentication for a critical function: it bypasses the normal authentication checks and thereby enables unauthorized access and potential system compromise. Following their research, watchTowr Labs released a proof-of-concept (PoC) exploit, available at https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844, that chains the SRX firewall flaws together, showing how the missing-authentication vulnerability (CVE-2023-36846) and a PHP external variable modification bug (CVE-2023-36845) can be exploited in conjunction. The public release underscores the severity of these vulnerabilities and the urgent need for remediation.
Description last updated: 2024-05-04T18:30:05.677Z
Aliases: none currently tracked
Miscellaneous Associations (other elements of context that could aid in the identification of relevance): Juniper, Exploit, Vulnerability, Junos
Associated Vulnerabilities
ID | Type | Votes | Profile Description
CVE-2023-36844 | Unspecified | 2 |
CVE-2023-36844 is a medium-severity vulnerability (CVSS 5.3) in Juniper Networks' Junos OS, specifically impacting EX switches and SRX firewalls. This flaw, along with three others (CVE-2023-36845, CVE-2023-36846, CVE-2023-36847), was addressed by Juniper in mid-August. The details of these vulnerab
Source Document References
Information about the CVE-2023-36846 vulnerability was read from the documents in the corpus below (display limited to 20 results).
Source | Created | Title
Securityaffairs | 8 months ago | Juniper Networks released out-of-band updates to fix high-severity flaws
CERT-EU | 8 months ago | Juniper warns of critical RCE bug in its firewalls and switches
CERT-EU | 10 months ago | More than 20 Danish energy firms compromised in a large-scale cyberattack
Securityaffairs | 10 months ago | CISA adds five vulnerabilities in Juniper devices to its Known Exploited Vulnerabilities catalog
CERT-EU | 10 months ago | CISA Adds Six Known Exploited Vulnerabilities to Catalog | CISA
CERT-EU | 10 months ago | CISA warns of actively exploited Juniper pre-auth RCE exploit chain
CERT-EU | a year ago | Juniper Networks acknowledges new spin on firewall vulnerability
CERT-EU | a year ago | Cyber Security Week in Review: September 22, 2023
CERT-EU | a year ago | GovCERT.HK - Security Alerts
Securityaffairs | a year ago | 12,000 Juniper SRX firewalls and EX switches vulnerable to CVE-2023-36845
CERT-EU | a year ago | Thousands of Juniper devices vulnerable to unauthenticated RCE flaw
CERT-EU | a year ago | Weekly Vulnerability Recap - Sept 4, 2023 - Network Devices Hit
BankInfoSecurity | a year ago | Experts Urge Immediate Juniper Firewall and Switch Patching
CERT-EU | a year ago | This code allow to hack into Juniper SRX firewalls and EX switches
CERT-EU | a year ago | Recent Juniper Flaws Chained in Attacks Following PoC Exploit Publication
Securityaffairs | a year ago | Threat actors started exploiting Juniper flaws shortly after PoC release
CERT-EU | a year ago | Hackers exploit critical Juniper RCE bug chain after PoC release
Securityaffairs | a year ago | Experts published PoC exploit code for Juniper SRX firewall flaws
CERT-EU | a year ago | Exploit released for Juniper firewall bugs allowing RCE attacks
CERT-EU | a year ago | Juniper Networks Junos OS Let Attacker Remotely Execute Code