{"uuid": "c358e93a-1002-4b14-851d-edcedbb95452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36845", "type": "seen", "source": "https://t.me/arpsyndicate/1778", "content": "#ExploitObserverAlert\n\nCVE-2023-36845\n\nDESCRIPTION: Exploit Observer has 87 entries related to CVE-2023-36845. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series   and SRX Series   allows an unauthenticated, network-based attacker to remotely execute code.  Using a crafted request which sets the variable PHPRC an attacker is able to modify the PHP execution environment allowing the injection und execution of code.   This issue affects Juniper Networks Junos OS on EX Series   and    SRX Series:      *  All versions prior to   20.4R3-S9;   *  21.1 versions 21.1R1 and later;   *  21.2 versions prior to\u00a021.2R3-S7;   *  21.3 versions prior to\u00a021.3R3-S5;   *  21.4 versions prior to 21.4R3-S5;   *  22.1 versions   prior to   22.1R3-S4;   *  22.2 versions   prior to   22.2R3-S2;   *  22.3 versions   prior to   22.3R2-S2, 22.3R3-S1;   *  22.4 versions   prior to   22.4R2-S1, 22.4R3;   *  23.2 versions prior to 23.2R1-S1, 23.2R2.\n\nFIRST-EPSS: 0.693120000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-12T00:45:41.000000Z"}