{"vulnerability": "CVE-2023-36844", "sightings": [{"uuid": "defd67bc-1c77-4608-8925-f800637d59e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-11-13T18:10:02.000000Z"}, {"uuid": "b67ec8f9-3362-444a-86cb-c4b03300f56a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971918", "content": "", "creation_timestamp": "2024-12-24T20:35:37.949934Z"}, {"uuid": "a660c343-8d1b-4bde-848b-c1fb6acd57f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-15)", "content": "", "creation_timestamp": "2025-02-15T00:00:00.000000Z"}, {"uuid": "a75f8547-89e9-43bd-a47f-0ec03c57838b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-08)", "content": "", "creation_timestamp": "2025-02-08T00:00:00.000000Z"}, {"uuid": "00032411-44ad-4449-b481-bed6e2379506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-21)", "content": "", "creation_timestamp": "2025-07-21T00:00:00.000000Z"}, {"uuid": "dfc54d10-c3aa-4844-a1e7-2e9fb0945c4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:48.000000Z"}, {"uuid": "c504fe1f-611f-4620-af0a-ff2b4d10698b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-03-01)", "content": "", "creation_timestamp": "2025-03-01T00:00:00.000000Z"}, {"uuid": "ce9f8446-d8ee-4066-a074-bb5edf9d88a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-26)", "content": "", "creation_timestamp": "2025-05-26T00:00:00.000000Z"}, {"uuid": "80fbebd8-1a0d-4bbb-9c51-5384a1f49c59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-26)", "content": "", "creation_timestamp": "2025-10-26T00:00:00.000000Z"}, {"uuid": "7d3a1302-1cd9-45a2-b957-48de624b5e94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-07-28)", "content": "", "creation_timestamp": "2025-07-28T00:00:00.000000Z"}, {"uuid": "e141ae43-5a87-455e-bf84-cfd712216e92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-03)", "content": "", "creation_timestamp": "2025-08-03T00:00:00.000000Z"}, {"uuid": "e5501e13-fc5d-4881-8ac5-08f60fc824f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-06)", "content": "", "creation_timestamp": "2025-11-06T00:00:00.000000Z"}, {"uuid": "44fadc64-e972-4e74-9db2-9afacf9fdad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-02)", "content": "", "creation_timestamp": "2025-09-02T00:00:00.000000Z"}, {"uuid": "d2ffd2d8-4600-4fb0-85a0-27ca0c1b9bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-28)", "content": "", "creation_timestamp": "2025-10-28T00:00:00.000000Z"}, {"uuid": "18341c2d-dba3-47f1-bc8e-ff5b56832369", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-22)", "content": "", "creation_timestamp": "2025-10-22T00:00:00.000000Z"}, {"uuid": "edd4c4f8-4d5d-4b6b-8900-3867b4a73b22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-08-25)", "content": "", "creation_timestamp": "2025-08-25T00:00:00.000000Z"}, {"uuid": "7bc65506-61c7-4168-8925-118d3dad6271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-09-24)", "content": "", "creation_timestamp": "2025-09-24T00:00:00.000000Z"}, {"uuid": "0ffdd1ab-2976-4507-b3f7-bdb15c8882a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://www.kyberturvallisuuskeskus.fi/fi/haavoittuvuus_14/2023", "content": "", "creation_timestamp": "2023-08-20T06:53:11.000000Z"}, {"uuid": "f14f69e4-e340-4040-9964-09547abb2f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-12-26)", "content": "", "creation_timestamp": "2025-12-26T00:00:00.000000Z"}, {"uuid": "8040f49f-3caf-4430-ae9b-01371eb7de39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-01-01)", "content": "", "creation_timestamp": "2026-01-01T00:00:00.000000Z"}, {"uuid": "7d1b9c33-f61d-4723-9683-b0262164b1bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-04)", "content": "", "creation_timestamp": "2026-03-04T00:00:00.000000Z"}, {"uuid": "a6502338-933a-47da-a044-38ededa2979a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-02)", "content": "", "creation_timestamp": "2026-03-02T00:00:00.000000Z"}, {"uuid": "eae0e75f-56c3-4191-81ad-f04d6fbf0a8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1113", "content": "", "creation_timestamp": "2023-09-20T04:00:00.000000Z"}, {"uuid": "0332bd32-1795-484f-a1f8-df1d7fffb618", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-26)", "content": "", "creation_timestamp": "2026-03-26T00:00:00.000000Z"}, {"uuid": "3444549a-6269-4826-98ac-530cbd670ea5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/fdda4963-0aa7-4d15-8a8f-969db8f304ca", "content": "", "creation_timestamp": "2025-02-28T23:49:13.272798Z"}, {"uuid": "63b5e9d2-4148-4e22-905a-4cc7b2c061ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-31)", "content": "", "creation_timestamp": "2026-03-31T00:00:00.000000Z"}, {"uuid": "37ab1feb-db19-4fe7-9b26-5f2e787ddf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0d90b801-ce04-4524-9b55-cddf617bfaf4", "content": "", "creation_timestamp": "2026-02-02T12:26:46.885571Z"}, {"uuid": "91c03611-73b6-446b-ac1e-486daa7dd6d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-27)", "content": "", "creation_timestamp": "2026-04-27T00:00:00.000000Z"}, {"uuid": "5e12e7f3-c841-4e2c-b6bb-5457a8161008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "https://t.me/itsec_news/3673", "content": "\u200b\u26a1\ufe0fJuniper \u043f\u043e\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434 \u0443\u0434\u0430\u0440 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0443 \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0438 \u0438 \u0421\u0428\u0410\n\n\ud83d\udcac \u0410\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u043f\u043e \u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0438 \u0437\u0430\u0449\u0438\u0442\u0435 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0421\u0428\u0410 CISA \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u043e \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0443\u0441\u0438\u043b\u0435\u043d\u0438\u044f \u0437\u0430\u0449\u0438\u0442\u044b \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Juniper \u0432 \u0441\u0435\u0442\u044f\u0445. \u041f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u043b\u043e \u0437\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u0435\u043c \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0436\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u0441 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u043a\u043e\u0434\u0430 (Remote Code Execution, RCE).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u044b\u0435 \u043a\u0430\u043a CVE-2023-36844, CVE-2023-36845, CVE-2023-36846 \u0438 CVE-2023-36847, \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 J-Web Juniper. \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Juniper \u0441\u043e\u043e\u0431\u0449\u0438\u043b\u0430 \u043e \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u0445 \u043a\u043b\u0438\u0435\u043d\u0442\u0430\u043c \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e\u0441\u043b\u0435 \u0442\u043e\u0433\u043e, \u043a\u0430\u043a \u0441\u043b\u0443\u0436\u0431\u0430 \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0443\u0433\u0440\u043e\u0437 ShadowServer \u0437\u0430\u0444\u0438\u043a\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043f\u043e\u043f\u044b\u0442\u043a\u0438 \u0438\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438. \u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043a\u043e\u043c\u0430\u043d\u0434\u0430 watchTowr Labs \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u0434\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u044c\u0441\u0442\u0432\u043e \u043a\u043e\u043d\u0446\u0435\u043f\u0446\u0438\u0438 (Proof-of-Concept, PoC) \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shadowserver, \u0431\u043e\u043b\u0435\u0435 10 000 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Juniper, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 J-Web, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u043f\u0440\u0438\u0447\u0435\u043c \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043d\u0438\u0445 \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u042e\u0436\u043d\u043e\u0439 \u041a\u043e\u0440\u0435\u0435 (\u043e\u043a\u043e\u043b\u043e 3 000) \u0438 \u0421\u0428\u0410 (\u043e\u043a\u043e\u043b\u043e 1 300). \u042d\u0442\u043e \u043f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0430\u0435\u0442 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u044c \u0443\u0433\u0440\u043e\u0437\u044b, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u0430\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u0433\u0440\u0430\u044e\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u0443\u044e \u0440\u043e\u043b\u044c \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0435.\n\nCISA \u043f\u0440\u0438\u0437\u0432\u0430\u043b\u043e \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u043e\u0432 \u0441\u0440\u043e\u0447\u043d\u043e \u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043c\u0435\u0440\u044b, \u043e\u0431\u043d\u043e\u0432\u0438\u0432 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0443\u044e \u0441\u0438\u0441\u0442\u0435\u043c\u0443 JunOS \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0438\u043b\u0438, \u043a\u0430\u043a \u043c\u0438\u043d\u0438\u043c\u0443\u043c, \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0432 \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u043a \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 J-Web. \u042d\u0442\u043e \u043f\u043e\u043c\u043e\u0436\u0435\u0442 \u043c\u0438\u043d\u0438\u043c\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0440\u0438\u0441\u043a\u0438 \u0430\u0442\u0430\u043a.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, CISA \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Juniper \u0432 \u0441\u0432\u043e\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 (Known Exploited Vulnerabilities, KEV), \u043e\u0431\u043e\u0437\u043d\u0430\u0447\u0438\u0432 \u0438\u0445 \u043a\u0430\u043a \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0440\u0438\u0441\u043a\u0438 \u0434\u043b\u044f \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u044f\u0442\u0438\u044f \u0438 \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u044b\u0435 \u0432\u0435\u043a\u0442\u043e\u0440\u044b \u0430\u0442\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432.\n\n\u0424\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u0433\u0440\u0430\u0436\u0434\u0430\u043d\u0441\u043a\u0438\u0435 \u0438\u0441\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u0430 \u0442\u0435\u043f\u0435\u0440\u044c \u043e\u0431\u044f\u0437\u0430\u043d\u044b \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0438\u0442\u044c \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Juniper \u0432 \u0441\u0432\u043e\u0438\u0445 \u0441\u0435\u0442\u044f\u0445 \u0434\u043e 17 \u043d\u043e\u044f\u0431\u0440\u044f. \u0422\u0430\u043a\u0436\u0435 CISA \u0442\u0430\u043a\u0436\u0435 \u043d\u0430\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0435\u0442 \u0432\u0441\u0435\u043c \u043e\u0440\u0433\u0430\u043d\u0438\u0437\u0430\u0446\u0438\u044f\u043c, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0447\u0430\u0441\u0442\u043d\u044b\u0435 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043f\u0440\u0438\u0434\u0430\u0442\u044c \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u0439 \u043f\u0440\u0438\u043e\u0440\u0438\u0442\u0435\u0442 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2023-11-14T13:09:19.000000Z"}, {"uuid": "a196b7c7-4fd7-4ee1-8cbd-2613add8112b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5199", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository for CVE-2023-4281 vulnerability. \nURL\uff1ahttps://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-24T13:31:46.000000Z"}, {"uuid": "98874460-f3f0-4d3f-b45f-8110f03b92ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5709", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aJuniper Junos exploit for CVE-2023-36844 (or CVE-2023-36845)\nURL\uff1ahttps://github.com/realcitril/CVE-2023-36844\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-11-07T19:40:02.000000Z"}, {"uuid": "c33f3149-8f7c-4589-846c-3567ff636dbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-26)", "content": "", "creation_timestamp": "2026-04-26T00:00:00.000000Z"}, {"uuid": "5b4fa3a7-ad89-4bae-baf0-b0fc39e09279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "https://t.me/hackyourmom/6009", "content": "CISA \u0434\u043e\u0434\u0430\u043b\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 Juniper \u0434\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u043e\u0432\u0430\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439.\n\n\u0410\u043c\u0435\u0440\u0438\u043a\u0430\u043d\u0441\u044c\u043a\u0435 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432\u043e \u0437 \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0442\u0430 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438 (CISA) \u0432\u043a\u043b\u044e\u0447\u0438\u043b\u043e \u0434\u043e \u0441\u0432\u043e\u0433\u043e \u043a\u0430\u0442\u0430\u043b\u043e\u0433\u0443 KEV \u0448\u0456\u0441\u0442\u044c \u043d\u043e\u0432\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439, \u0437 \u044f\u043a\u0438\u0445 \u043f'\u044f\u0442\u044c \u0441\u0442\u043e\u0441\u0443\u044e\u0442\u044c\u0441\u044f \u043e\u043f\u0435\u0440\u0430\u0446\u0456\u0439\u043d\u043e\u0457 \u0441\u0438\u0441\u0442\u0435\u043c\u0438 Juniper Junos OS, \u0430 \u043e\u0434\u043d\u0430 - \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043d\u043e\u0433\u043e \u0437\u0430\u0431\u0435\u0437\u043f\u0435\u0447\u0435\u043d\u043d\u044f \u0434\u043b\u044f \u0406\u0422-\u043f\u0456\u0434\u0442\u0440\u0438\u043c\u043a\u0438 \u043f\u0456\u0434 \u043d\u0430\u0437\u0432\u043e\u044e SysAid.\n\n\u0421\u0435\u0440\u0435\u0434 \u0434\u043e\u0434\u0430\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439:\nCVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847, CVE-2023-36851: \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0432 Juniper Junos OS \u0441\u0435\u0440\u0456\u0439 EX \u0456 SRX, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0456 \u0437 \u043d\u0435\u0434\u043e\u043b\u0456\u043a\u0430\u043c\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u0457 \u0442\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u044f\u043c\u0438 \u0432 PHP.\nCVE-2023-47246: \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0443 \u0441\u0435\u0440\u0432\u0435\u0440\u0456 SysAid, \u043f\u043e\u0432'\u044f\u0437\u0430\u043d\u0430 \u0437 \u043e\u0431\u0445\u0456\u0434\u043e\u043c \u0448\u043b\u044f\u0445\u0443.\n\n\u0417\u0430 \u0456\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0456\u0454\u044e Juniper SIRT, \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0432 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0456 J-Web \u043c\u043e\u0436\u0443\u0442\u044c \u0431\u0443\u0442\u0438 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u0456 \u0434\u043b\u044f \u0432\u0438\u043a\u043e\u043d\u0430\u043d\u043d\u044f \u0432\u0456\u0434\u0434\u0430\u043b\u0435\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0443 \u0431\u0435\u0437 \u043f\u043e\u043f\u0435\u0440\u0435\u0434\u043d\u044c\u043e\u0457 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0456\u043a\u0430\u0446\u0456\u0457. \u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f \u043f\u0456\u0434\u0442\u0432\u0435\u0440\u0434\u0438\u043b\u0430, \u0449\u043e \u0437\u043b\u043e\u0432\u043c\u0438\u0441\u043d\u0438\u043a\u0438 \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u044e\u0442\u044c \u0446\u0456 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0432 \u0440\u0435\u0430\u043b\u044c\u043d\u0438\u0445 \u0430\u0442\u0430\u043a\u0430\u0445.\n\nCISA \u0432\u0438\u043c\u0430\u0433\u0430\u0454 \u0432\u0456\u0434 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u0438\u0445 \u0430\u0433\u0435\u043d\u0442\u0441\u0442\u0432 \u0443\u0441\u0443\u043d\u0443\u0442\u0438 \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u0456 \u043d\u0435\u0434\u043e\u043b\u0456\u043a\u0438 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 Juniper \u0434\u043e 17 \u043b\u0438\u0441\u0442\u043e\u043f\u0430\u0434\u0430 2023 \u0440\u043e\u043a\u0443, \u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u0441\u0435\u0440\u0432\u0435\u0440\u0430 SysAid - \u0434\u043e 4 \u0433\u0440\u0443\u0434\u043d\u044f 2023 \u0440\u043e\u043a\u0443.\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f Juniper \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u0454 \u0432\u0438\u043c\u043a\u043d\u0443\u0442\u0438 J-Web \u0430\u0431\u043e \u043e\u0431\u043c\u0435\u0436\u0438\u0442\u0438 \u0434\u043e\u0441\u0442\u0443\u043f \u0434\u043e \u043d\u044c\u043e\u0433\u043e \u043b\u0438\u0448\u0435 \u0434\u043b\u044f \u0434\u043e\u0432\u0456\u0440\u0435\u043d\u0438\u0445 \u0445\u043e\u0441\u0442\u0456\u0432 \u044f\u043a \u0442\u0438\u043c\u0447\u0430\u0441\u043e\u0432\u0438\u0439 \u0437\u0430\u0445\u0456\u0434. \u0412\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456 \u0431\u0443\u043b\u0438 \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u0456 \u0432 \u0441\u0435\u0440\u043f\u043d\u0456 \u0446\u044c\u043e\u0433\u043e \u0440\u043e\u043a\u0443, \u0430\u043b\u0435, \u0441\u0445\u043e\u0436\u0435, \u0434\u043e \u0446\u044c\u043e\u0433\u043e \u0447\u0430\u0441\u0443 \u043f\u0440\u0430\u043a\u0442\u0438\u0447\u043d\u043e \u043d\u0435 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0443\u0432\u0430\u043b\u0438\u0441\u044f. \u041a\u043e\u043c\u043f\u0430\u043d\u0456\u044f \u0432\u0438\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0432\u0456\u0434\u043f\u043e\u0432\u0456\u0434\u043d\u0456 \u043f\u0430\u0442\u0447\u0456 \u043d\u0435\u0437\u0430\u0431\u0430\u0440\u043e\u043c \u043f\u0456\u0441\u043b\u044f \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u043d\u044f \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439 \u0456 \u0437 \u0442\u043e\u0433\u043e \u0447\u0430\u0441\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0437\u0430\u043a\u043b\u0438\u043a\u0430\u0454 \u043a\u043b\u0456\u0454\u043d\u0442\u0456\u0432 \u043e\u043d\u043e\u0432\u043b\u044e\u0432\u0430\u0442\u0438 \u0441\u0432\u043e\u0457 \u0435\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0438 Junos OS \u0434\u043e \u0431\u0435\u0437\u043f\u0435\u0447\u043d\u043e\u0457 \u0432\u0435\u0440\u0441\u0456\u0457.\n\n\u0412 \u043a\u0456\u043d\u0446\u0456 \u0441\u0435\u0440\u043f\u043d\u044f \u0434\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 \u0437 watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0456\u043a\u0443\u0432\u0430\u043b\u0438 PoC-\u0435\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0432\u0438\u044f\u0432\u043b\u0435\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439. \u0410\u0442\u0430\u043a\u0443\u044e\u0447\u0456 \u043c\u043e\u0436\u0443\u0442\u044c \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u043e\u0432\u0443\u0432\u0430\u0442\u0438 \u043b\u0430\u043d\u0446\u044e\u0436\u043e\u043a \u0456\u0441\u043d\u0443\u044e\u0447\u0438\u0445 \u043d\u0435\u0434\u043e\u043b\u0456\u043a\u0456\u0432 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0434\u043b\u044f \u0432\u0456\u0434\u0434\u0430\u043b\u0435\u043d\u043e\u0433\u043e \u0432\u0438\u043a\u043e\u043d\u0430\u043d\u043d\u044f \u043a\u043e\u0434\u0443 \u043d\u0430 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0438\u0445 \u043f\u0440\u0438\u0441\u0442\u0440\u043e\u044f\u0445. \u0414\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 watchTowr \u0442\u0430\u043a\u043e\u0436 \u0434\u0435\u0442\u0430\u043b\u044c\u043d\u043e \u043e\u043f\u0438\u0441\u0430\u043b\u0438 \u043f\u0440\u043e\u0446\u0435\u0441 \u0432\u0456\u0434\u0442\u0432\u043e\u0440\u0435\u043d\u043d\u044f, \u043e\u0431'\u0454\u0434\u043d\u0430\u043d\u043d\u044f \u0442\u0430 \u0435\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0456\u0457 \u0446\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439.\n\n\u0412 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0456 \u0432\u0435\u0440\u0435\u0441\u043d\u044f \u0434\u043e\u0441\u043b\u0456\u0434\u043d\u0438\u043a\u0438 \u0437 VulnCheck \u0432\u0438\u044f\u0432\u0438\u043b\u0438 \u043f\u0440\u0438\u0431\u043b\u0438\u0437\u043d\u043e 15 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u0435\u0440\u0456\u0432 Juniper SRX \u0456 \u043a\u043e\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0456\u0432 Juniper EX, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0438\u0445 \u0432 \u0406\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0456 \u0456 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u0438\u0445 \u0434\u043e \u0432\u0438\u0449\u0435\u0437\u0433\u0430\u0434\u0430\u043d\u0438\u0445 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0435\u0439. \u0417\u0430 \u0434\u0430\u043d\u0438\u043c\u0438 VulnCheck, \u0432 \u0441\u0435\u0440\u0435\u0434\u043d\u044c\u043e\u043c\u0443 \u0431\u043b\u0438\u0437\u044c\u043a\u043e 80% \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u0438\u0445 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u0435\u0440\u0456\u0432, \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u0438\u0445 \u0447\u0435\u0440\u0435\u0437 \u0406\u043d\u0442\u0435\u0440\u043d\u0435\u0442, \u0437\u0430\u043b\u0438\u0448\u0430\u043b\u0438\u0441\u044f \u043d\u0435\u043e\u043d\u043e\u0432\u043b\u0435\u043d\u0456 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u0430\u043d\u0430\u043b\u0456\u0437\u0443.\n\n\u0415\u043a\u0441\u043f\u0435\u0440\u0442\u0438 \u043f\u0456\u0434\u043a\u0440\u0435\u0441\u043b\u044e\u044e\u0442\u044c, \u0449\u043e \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u0435\u0440\u0438 \u0454 \u043f\u0440\u0438\u0432\u0430\u0431\u043b\u0438\u0432\u0438\u043c\u0438 \u0446\u0456\u043b\u044f\u043c\u0438 \u0434\u043b\u044f \u043d\u0430\u0446\u0456\u043e\u043d\u0430\u043b\u044c\u043d\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u0456\u0432, \u043e\u0441\u043a\u0456\u043b\u044c\u043a\u0438 \u0432\u043e\u043d\u0438 \u0434\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442\u044c \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0443\u0442\u0438 \u0432 \u0437\u0430\u0445\u0438\u0449\u0435\u043d\u0456 \u043c\u0435\u0440\u0435\u0436\u0456 \u0456 \u043c\u043e\u0436\u0443\u0442\u044c \u0441\u043b\u0443\u0436\u0438\u0442\u0438 \u0445\u043e\u0441\u0442\u0430\u043c\u0438 \u0434\u043b\u044f \u0456\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0438 \u0443\u043f\u0440\u0430\u0432\u043b\u0456\u043d\u043d\u044f \u0456 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044e. \u0422\u0456\u043b\u044c\u043a\u0438 \u0441\u0432\u043e\u0454\u0447\u0430\u0441\u043d\u0435 \u0432\u0441\u0442\u0430\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044f \u043e\u043d\u043e\u0432\u043b\u0435\u043d\u044c \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0442\u0430 \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u0438\u0439 \u043f\u0456\u0434\u0445\u0456\u0434 \u0434\u043e \u043a\u0456\u0431\u0435\u0440\u0437\u0430\u0445\u0438\u0441\u0442\u0443 \u0437\u043c\u043e\u0436\u0435 \u043e\u0431\u0435\u0440\u0435\u0433\u0442\u0438 \u043e\u0440\u0433\u0430\u043d\u0456\u0437\u0430\u0446\u0456\u0457 \u0432\u0456\u0434 \u043d\u0435\u043f\u0440\u0438\u0454\u043c\u043d\u0438\u0445 \u043d\u0430\u0441\u043b\u0456\u0434\u043a\u0456\u0432 \u0445\u0430\u043a\u0435\u0440\u0441\u044c\u043a\u0438\u0445 \u0430\u0442\u0430\u043a.", "creation_timestamp": "2023-11-19T08:14:40.000000Z"}, {"uuid": "b17a7148-f932-41da-b810-7416d8f33b05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/184", "content": "CVE-2023-36844 And Friends: RCE In Juniper Devices\n\n\ud83d\udc64 by Sonny\n\nA recent out-of-cycle Juniper security bulletin caught team's attention, describing two bugs which, although only a 5.3 on the CVSS scale individually, supposedly could be combined for RCE. The bulletin actually contains four CVEs, as the two bugs apply to two separate platforms (the -EX switches and -SRX firewall devices). They'll focus just on the -SRX bugs, as they expect the -EX bugs to be identical. These are two individual flaws.\n\nThis is an interesting bug chain, utilising two bugs that would be near-useless in isolation and combining them for a 'world ending' unauthenticated RCE.\n\n\ud83d\udcdd Contents:\n\u25cf First Impressions\n\u25cf Of $internal_functions\n\u25cf Interesting Internal Functions\n\u25cf A Polluted Environment\n\u25cf Preloading Libraries\n\u25cf We don't need no steenkin' binaries\n\u25cf Other bits and bobs\n\u25cf Aftermath\n\u25cf Proof of Concept\n\u25cf Closing words\n\nhttps://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/", "creation_timestamp": "2023-08-28T06:49:00.000000Z"}, {"uuid": "003676ef-4fe9-4486-89d9-ad453b5f7763", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/29", "content": "", "creation_timestamp": "2023-08-29T21:20:03.000000Z"}, {"uuid": "24182c20-8ed6-4a5d-954f-78949727712f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://t.me/bh_cat/26", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u0440\u0430\u0431\u043e\u0442\u044b\n\n\u2694\ufe0f  Remote Code Execution in Juniper\n\nCVE-2023-36844 \u0438 CVE-2023-36845 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u044e\u0442 \u043d\u0430 \u0441\u043b\u0430\u0431\u043e\u0441\u0442\u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432\u043d\u0435\u0448\u043d\u0438\u0445 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 PHP \u0432 J-Web. \u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0434\u0430\u0435\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0432\u0430\u0436\u043d\u044b\u043c\u0438 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u044b/ \u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u043e\u0442\u043f\u0440\u0430\u0432\u043d\u043e\u0439 \u0442\u043e\u0447\u043a\u043e\u0439 \u0434\u043b\u044f \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u043f\u043e\u0434\u0447\u0435\u0440\u043a\u0438\u0432\u0430\u044f \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043b\u0435\u043a\u0441\u043d\u044b\u0445 \u043c\u0435\u0440 \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e \u0443\u0433\u0440\u043e\u0437\u044b.\n\u0422\u0430\u043a\u0436\u0435, CVE-2023-36846 \u0438 CVE-2023-36847 \u0440\u0430\u0441\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0441 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0435\u043c \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0432 Junos OS \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0441\u0435\u0440\u0438\u0438 SRX. \u042d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0445 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u0447\u0435\u0440\u0435\u0437 J-Web.\n\n\u2757\ufe0fAffect Versions:\n<=20.4R3-S9    <=22.1R3-S4\n<=21.2R3-S6    <=22.2R3-S2\n<=21.3R3-S5    <=22.3R3-S1\n<=21.4R3-S5     <=22.4R2-S2\n22.4R3\n\n\ud83c\udf10 Source:\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n#juniper #poc", "creation_timestamp": "2023-09-14T05:56:57.000000Z"}, {"uuid": "74aa232e-9050-432a-80be-90793910228c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://t.me/arpsyndicate/757", "content": "#ExploitObserverAlert\n\nCVE-2023-36844\n\nDESCRIPTION: Exploit Observer has 16 entries related to CVE-2023-36844. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.  Using a crafted request an attacker is able to modify   certain PHP environment variables\u00a0leading to partial loss of integrity,\u00a0which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series:      *  All versions prior to 20.4R3-S9;   *  21.1 versions 21.1R1 and later;   *  21.2 versions prior to 21.2R3-S7;   *  21.3 versions   prior to    21.3R3-S5;   *  21.4 versions   prior to   21.4R3-S5;   *  22.1 versions   prior to   22.1R3-S4;   *  22.2 versions   prior to   22.2R3-S2;   *  22.3 versions   prior to 22.3R3-S1;   *  22.4 versions   prior to   22.4R2-S2, 22.4R3;   *  23.2 versions prior to   23.2R1-S1, 23.2R2.\n\nFIRST-EPSS: 0.212160000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-11-29T15:08:00.000000Z"}, {"uuid": "d21873a1-e65e-4ac7-8364-d4913e90f153", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/purple_medved/88", "content": "\u0414\u0430\u0432\u043d\u0435\u043d\u044c\u043a\u043e \u043c\u044b \u0443\u0436\u0435 \u043d\u0435 \u0440\u0430\u0437\u0431\u0438\u0440\u0430\u043b\u0438 \u043d\u043e\u0432\u044b\u0435 CVE, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0441\u0435\u0433\u043e\u0434\u043d\u044f \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u043c \u043f\u0440\u043e \u0447\u0435\u0439\u043d CVE-2023-36846 - Missing Authentication for Critical Function vulnerability \u0438 CVE-2023-36845 - PHP External Variable Modification vulnerability, \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c RCE \u043d\u0430 \u0441\u0432\u0438\u0447\u0430\u0445 (EX) \u0438 NGFW (SRX) Juniper \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c JunOS.\n\n\u041f\u043e \u0438\u0442\u043e\u0433\u0430\u043c 2020 \u0433\u043e\u0434\u0430 Juniper Network \u0438\u043c\u0435\u043b\u0430 \u043f\u043e\u043a\u0440\u044b\u0442\u0438\u0435 - 8,1% \u043c\u0438\u0440\u043e\u0432\u043e\u0433\u043e \u0440\u044b\u043d\u043a\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 (\u0434\u0430\u043d\u043d\u044b\u0435 \u0430\u043d\u0430\u043b\u0438\u0442\u0438\u043a\u0438 Gartner), \u0438\u043c\u0435\u0435\u0442 \u043c\u0438\u043b\u043b\u0438\u0430\u0440\u0434\u043d\u044b\u0435 \u043e\u0431\u043e\u0440\u043e\u0442\u044b, \u043d\u0430\u0437\u0432\u0430\u043d\u0430 \u0432 \u0447\u0435\u0441\u0442\u044c \u043c\u043e\u0436\u0436\u0435\u0432\u0435\u043b\u044c\u043d\u0438\u043a\u0430 \u0438 \u0443\u0448\u043b\u0430 \u0438\u0437 \u0420\u043e\u0441\u0441\u0438\u0438 \u0432 2022 \u0433\u043e\u0434\u0443.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0447\u0435\u0439\u043d\u0430 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u0441\u043e\u0431\u043e\u0439 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0441\u0442\u044c \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0445 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u0439:\n\u2611\ufe0f 1. CVE-2023-36846 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0432 \u043e\u0431\u0445\u043e\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0437\u0430\u043b\u0438\u0442\u044c php \u0448\u0435\u043b\u043b \u0432 /var/tmp\n\u2611\ufe0f 2. \u0422\u0430\u043a\u0438\u043c \u0436\u0435 \u043e\u0431\u0440\u0430\u0437\u043e\u043c \u0437\u0430\u043b\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 php .ini c \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u043e\u0439 auto_prepend_file \u0434\u043b\u044f \u043f\u0435\u0440\u0432\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u0439 Verified Exec\n\u2611\ufe0f 3. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f CVE-2023-36845 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u043e\u043a\u0440\u0443\u0436\u0435\u043d\u0438\u044f PHPRC, \u0447\u0442\u043e\u0431\u044b \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0432 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442 \u043f\u0435\u0440\u0432\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b.\n\u2611\ufe0f 4. curl -X POST --insecure https://xxxxxx/webauth_operation.php -F \"PHPRC=/tmp/xxx.ini\"\n\u2611\ufe0f 5. Profit\n\n\u2699\ufe0fPOC: https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\u2705 \u0420\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438: \u041f\u0430\u0442\u0447 \u0443\u0436e \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0439 \u0430\u043a\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438.\n\n#RCE #Juniper #CVE-2023-36844 #CVE-2023-36845 #CVE-2023-36846", "creation_timestamp": "2023-08-29T14:22:41.000000Z"}, {"uuid": "141783c3-764d-4e49-91c0-099fe31186da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://t.me/arpsyndicate/1208", "content": "#ExploitObserverAlert\n\nCVE-2023-36844\n\nDESCRIPTION: Exploit Observer has 15 entries related to CVE-2023-36844. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.  Using a crafted request an attacker is able to modify   certain PHP environment variables\u00a0leading to partial loss of integrity,\u00a0which may allow chaining to other vulnerabilities. This issue affects Juniper Networks Junos OS on EX Series:      *  All versions prior to 20.4R3-S9;   *  21.1 versions 21.1R1 and later;   *  21.2 versions prior to 21.2R3-S7;   *  21.3 versions   prior to    21.3R3-S5;   *  21.4 versions   prior to   21.4R3-S5;   *  22.1 versions   prior to   22.1R3-S4;   *  22.2 versions   prior to   22.2R3-S2;   *  22.3 versions   prior to 22.3R3-S1;   *  22.4 versions   prior to   22.4R2-S2, 22.4R3;   *  23.2 versions prior to   23.2R1-S1, 23.2R2.\n\nFIRST-EPSS: 0.212160000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T12:46:36.000000Z"}, {"uuid": "676edeeb-dc74-4d5d-9842-c3943ac691d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "Telegram/aUoxxr7Q-reuu8BzrzBdFJjcuLiTkfj1YTRAsUeOpihECA", "content": "", "creation_timestamp": "2023-10-24T19:44:01.000000Z"}, {"uuid": "11f1c329-f326-4b32-adc6-bedb383e3c8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://t.me/arpsyndicate/171", "content": "#ExploitObserverAlert\n\nCVE-2023-36844\n\nDESCRIPTION: Exploit Observer has 13 entries related to CVE-2023-36844. A PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environment variables.\n\nUsing a crafted request an attacker is able to modify \n\ncertain PHP environment variables\u00a0leading to partial loss of integrity,\u00a0which may allow chaining to other vulnerabilities.\nThis issue affects Juniper Networks Junos OS on EX Series:\n\n\n\n  *  All versions prior to 20.4R3-S9;\n  *  21.1 versions 21.1R1 and later;\n  *  21.2 versions prior to 21.2R3-S7;\n  *  21.3 versions \n\nprior to \n\n 21.3R3-S5;\n  *  21.4 versions \n\nprior to \n\n21.4R3-S5;\n  *  22.1 versions \n\nprior to \n\n22.1R3-S4;\n  *  22.2 versions \n\nprior to \n\n22.2R3-S2;\n  *  22.3 versions \n\nprior to 22.3R3-S1;\n  *  22.4 versions \n\nprior to \n\n22.4R2-S2, 22.4R3;\n  *  23.2 versions prior to \n\n23.2R1-S1, 23.2R2.\n\nFIRST-EPSS: 0.025570000\nNVD-IS: 1.4\nNVD-ES: 3.9", "creation_timestamp": "2023-11-13T20:15:18.000000Z"}, {"uuid": "beb85c9c-50a3-4b5f-ad70-86ee2bf374ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "Telegram/jjtb8CBW2142y26Ljkh9Y3CM5rguEkhc94VYDqULf5eBeQ", "content": "", "creation_timestamp": "2023-08-30T14:47:53.000000Z"}, {"uuid": "5b5d0cc6-e7b4-4a36-aabf-ad8c6accb20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "Telegram/UG6oSddx2bwhG_QTebEnBYG2SK7WVcpFXH_OXoX525gYMA", "content": "", "creation_timestamp": "2023-09-16T11:17:24.000000Z"}, {"uuid": "fd5d82b5-d089-4d46-a9ca-44eccf61cddf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "Telegram/kU8an4Go1huFShTvCbdEWGzr-EU9qubcfsgo6U8YbLfS-g", "content": "", "creation_timestamp": "2023-12-20T08:06:02.000000Z"}, {"uuid": "22424ca8-e0f8-432a-86d2-b0367e5d297a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "https://t.me/KomunitiSiber/721", "content": "Alert: Juniper Firewalls, Openfire, and Apache RocketMQ Under Attack from New Exploits\nhttps://thehackernews.com/2023/08/alert-juniper-firewalls-openfire-and.html\n\nRecently disclosed security flaws impacting Juniper firewalls, Openfire, and Apache RocketMQ servers have come under active exploitation in the wild, according to multiple reports.\nThe Shadowserver Foundation\u00a0said\u00a0that it's \"seeing exploitation attempts from multiple IPs for Juniper J-Web CVE-2023-36844 (& friends) targeting /webauth_operation.php endpoint,\" the same day a proof-of-concept (PoC)", "creation_timestamp": "2023-08-30T13:36:02.000000Z"}, {"uuid": "673d3aec-7ad4-4c1e-b166-366119a5bebc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4294", "content": "\ud83d\udcccRCE in Juniper JunOS CVE-2023-36844-47 Exploit : Download\n\n\ud83e\ude85Pocket Access \u2013 Telegram Bot For Remote Access To Computer Files : Download\n\n\ud83d\udc38International Civil Defense Organization Data Leak : Download\n\n\ud83e\udd16CVE-2023-40930 POC: Skyworth 3.0 (Android) \u2013 Directory Traversal : Explore\n\n\ud83d\udd78Invicti Standard v23.9.0.42095 Crack : Download\n\n\ud83d\udcefSartrouville Company France Data Leak : Download\n\n\ud83c\udf1aAranui Cruises Data Leak : Download\n\n\ud83d\udc00Craxs Rat V6.7 : DOwnload\n\n\ud83e\udeacURL Infection: Exploit Silent Java Drive By Downloads Chrome : Explore\n\n\ud83e\uddeeCVE-2023-41362 \u2013 MyBB ACP RCE Exploit : Explore\n  \n\ud83d\udc7eCVE-2023-3244 POC: WordPress Missing Authorization: Explore\n\n\ud83d\udccdOpenText EnCase Forensic Tool : Download\n\n\ud83d\udc32Telegram Get remote IP: Get IP Address on Other Side Audio Call In Telegram : Check", "creation_timestamp": "2023-09-15T03:37:09.000000Z"}, {"uuid": "0e398353-a669-407f-8a98-e263118f4478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "https://t.me/true_secator/4862", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 VulnCheck \u0441\u043e\u043e\u0431\u0449\u0430\u044e\u0442, \u0447\u0442\u043e \u043e\u043a\u043e\u043b\u043e 12 000 \u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432 Juniper SRX \u0438 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u043e\u0432 EX \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u044b RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0415\u0449\u0435 \u0432 \u0430\u0432\u0433\u0443\u0441\u0442\u0435\u00a0Juniper \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430\u00a0\u043c\u043d\u043e\u0433\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u043c\u0438 \u0441\u0440\u0435\u0434\u044b PHP (CVE-2023-36844/CVE-2023-36845) \u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0439 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 (CVE-2023-36846/CVE-2023-36847), \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0430\u043c\u0438 \u043f\u043e \u0441\u0435\u0431\u0435 \u0438\u043c\u0435\u043b\u0438 \u043e\u0446\u0435\u043d\u043a\u0443 5,3. \u041d\u043e \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u044d\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0442\u0430\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u043c \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0441 \u0440\u0435\u0439\u0442\u0438\u043d\u0433\u043e\u043c 9,8.\n\n\u0412 \u0431\u043e\u043b\u0435\u0435 \u043f\u043e\u0437\u0434\u043d\u0435\u043c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u043e\u043c \u043e\u0442\u0447\u0435\u0442\u0435\u00a0watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 PoC, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u043b \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 CVE-2023-36845 \u0438 CVE-2023-36846, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u044f \u0434\u0432\u0430 \u0444\u0430\u0439\u043b\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e.\n\n\u041d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 VulnCheck \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u0435\u0449\u0435 \u043e\u0434\u0438\u043d PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0442\u043e\u043b\u044c\u043a\u043e CVE-2023-36845, \u043c\u0438\u043d\u0443\u044f \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u0441\u043e\u0445\u0440\u0430\u043d\u044f\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043a\u043e\u0434\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0441\u043c\u043e\u0433\u043b\u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u043c\u043d\u043e\u0433\u043e\u044d\u0442\u0430\u043f\u043d\u044b\u0439 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0432 \u043f\u0440\u043e\u0441\u0442\u043e\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u043d\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0434\u043d\u043e\u0439 \u043a\u043e\u043c\u0430\u043d\u0434\u044b curl \u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0435\u0435 \u043a\u043e\u043b\u0438\u0447\u0435\u0441\u0442\u0432\u043e \u0438\u043c\u0435\u043d\u043d\u043e \u0441\u0442\u0430\u0440\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u043e\u0431\u0448\u0438\u0440\u043d\u0435\u0435 \u0438 \u0433\u043e\u0440\u0430\u0437\u0434\u043e \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0435\u0435, \u0447\u0435\u043c \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u0442 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d\u043d\u044b\u0439 \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u0440\u0435\u0439\u0442\u0438\u043d\u0433 CVSS, \u0432 \u0441\u0432\u044f\u0437\u0438 \u0441 \u0447\u0435\u043c \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u044b \u0434\u043e\u043b\u0436\u043d\u044b \u043f\u0440\u0435\u0434\u043f\u0440\u0438\u043d\u044f\u0442\u044c \u043d\u0435\u043c\u0435\u0434\u043b\u0435\u043d\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044e \u0441\u0432\u043e\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0438\u0441\u044c \u043d\u0430 GitHub \u0441\u043a\u0430\u043d\u0435\u0440\u043e\u043c \u0434\u043b\u044f \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0439 \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435, \u0431\u043b\u0430\u0433\u043e\u0434\u0430\u0440\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u043c\u0443 \u043d\u0430\u0448\u043b\u0438 14 951 Juniper \u0441 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u043c\u0438 \u0438\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0431-\u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0430\u043c\u0438.\n\n\u0418\u0437 \u043d\u0438\u0445 79% \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0438 \u043e\u0441\u0442\u0430\u044e\u0442\u0441\u044f \u0438\u0434\u0435\u0430\u043b\u044c\u043d\u044b\u043c \u043d\u0430\u0447\u0430\u043b\u044c\u043d\u044b\u043c \u0432\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u0434\u043b\u044f \u0440\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u00ab\u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u043c\u0443\u0434\u0430\u043a\u043e\u0432\u00bb, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0447\u0430\u0441\u0442\u0443\u044e \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044e \u0445\u0430\u043a\u0435\u0440\u0430\u043c\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u0443\u044e \u0441\u0435\u0442\u044c.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0435\u0449\u0435 17 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2023 \u0433\u043e\u0434\u0430, \u0430 Shadowserver \u0438 GreyNoise \u0443\u0436\u0435 \u043d\u0430\u0431\u043b\u044e\u0434\u0430\u044e\u0442, \u043a\u0430\u043a \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043f\u0440\u0438\u0441\u0442\u0443\u043f\u0438\u043b\u0438 \u043a \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 CVE-2023-36845 \u0432 \u00ab\u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0430 \u043c\u0443\u0434\u0430\u043a\u0430\u00bb.", "creation_timestamp": "2023-09-19T14:30:05.000000Z"}, {"uuid": "1de4e820-4ab4-49f2-a238-cfbfb9741296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/1027", "content": "https://github.com/Pari-Malam/CVE-2023-36844", "creation_timestamp": "2023-09-20T16:36:39.000000Z"}, {"uuid": "03bda186-3754-432e-98fe-8c897133a977", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "https://t.me/true_secator/4783", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr Labs \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u043c\u0435\u0436\u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u044d\u043a\u0440\u0430\u043d\u0430\u0445 Juniper SRX, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c RCE \u0432 JunOS.\n\n\u0412 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 Juniper \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 CVE-2023-36844, CVE-2023-36845, CVE-2023-36846, CVE-2023-36847 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 (CVSS 5.3), \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442 J-Web \u041e\u0421 Juniper Networks Junos \u043d\u0430 \u0441\u0435\u0440\u0438\u044f\u0445 SRX \u0438 EX.\n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u043e\u0431\u0445\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0443\u0442\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0438\u043b\u0430 \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c J-Web \u0438\u043b\u0438 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043e\u0432\u0435\u0440\u0435\u043d\u043d\u044b\u043c \u0445\u043e\u0441\u0442\u0430\u043c.\n\n\u041e\u0434\u043d\u0430\u043a\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0432 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0435\u0442\u0435\u0432\u043e\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0432 JunOS \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr Labs \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u043f\u0435\u0440\u0435\u0434 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0435\u0439 (CVE-2023-36846) \u0434\u043b\u044f \u0434\u043e\u0441\u0442\u0430\u0432\u043a\u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e PHP-\u0444\u0430\u0439\u043b\u0430 \u0432 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0439 \u043a\u0430\u0442\u0430\u043b\u043e\u0433 \u0441\u043e \u0441\u043b\u0443\u0447\u0430\u0439\u043d\u044b\u043c \u0438\u043c\u0435\u043d\u0435\u043c \u0444\u0430\u0439\u043b\u0430.\n\n\u0417\u0430\u0442\u0435\u043c \u043e\u043d\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0442\u043e\u0439 \u0436\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0439 \u0444\u0443\u043d\u043a\u0446\u0438\u0435\u0439 \u0434\u043b\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438 \u0444\u0430\u0439\u043b\u0430 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 PHP, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u044b\u0439 \u0432\u044b\u0448\u0435 \u0444\u0430\u0439\u043b \u0438 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0435\u0433\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0434\u0438\u0440\u0435\u043a\u0442\u0438\u0432\u044b\u00a0auto_prepend_file.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0432\u0441\u0435 \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0435 \u0441\u0440\u0435\u0434\u044b \u043c\u043e\u0436\u043d\u043e \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c CVE-2023-36845, \u0447\u0442\u043e\u0431\u044b \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043c\u0435\u043d\u043d\u0443\u044e \u0441\u0440\u0435\u0434\u044b,\u00a0PHPRC\u00a0\u0437\u0430\u0433\u0440\u0443\u0437\u0438\u0442\u044c \u0444\u0430\u0439\u043b \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 PHP \u0438 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u043f\u0435\u0440\u0432\u043e\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u0437\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 PHP.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 watchTowr \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u043d\u043e\u0435 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0430 \u0432\u043e\u0441\u043f\u0440\u043e\u0438\u0437\u0432\u0435\u0434\u0435\u043d\u0438\u044f, \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f \u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0423\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u0443\u044e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0441\u0442\u044c PoC, \u043f\u0440\u043e\u0441\u0442\u043e\u0442\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u043f\u043e\u043b\u043e\u0436\u0435\u043d\u0438\u0435, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 JunOS \u0437\u0430\u043d\u0438\u043c\u0430\u044e\u0442 \u0432 \u0441\u0435\u0442\u0438, watchTowr \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u043d\u0435\u0438\u0437\u0431\u0435\u0436\u043d\u043e\u0439 \u0448\u0438\u0440\u043e\u043a\u043e\u043c\u0430\u0441\u0448\u0442\u0430\u0431\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u0448\u0435\u0443\u043f\u043e\u043c\u044f\u043d\u0443\u0442\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c.", "creation_timestamp": "2023-08-29T17:29:05.000000Z"}, {"uuid": "8796d18f-7331-4053-b116-f277debb6224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4830", "content": "\ud83d\udcccRCE in Juniper JunOS CVE-2023-36844-47 Exploit : Download\n\n\ud83e\ude85Pocket Access \u2013 Telegram Bot For Remote Access To Computer Files : Download\n\n\ud83d\udc38International Civil Defense Organization Data Leak : Download\n\n\ud83e\udd16CVE-2023-40930 POC: Skyworth 3.0 (Android) \u2013 Directory Traversal : Explore\n\n\ud83d\udd78Invicti Standard v23.9.0.42095 Crack : Download\n\n\ud83d\udcefSartrouville Company France Data Leak : Download\n\n\ud83c\udf1aAranui Cruises Data Leak : Download\n\n\ud83d\udc00Craxs Rat V6.7 : DOwnload\n\n\ud83e\udeacURL Infection: Exploit Silent Java Drive By Downloads Chrome : Explore\n\n\ud83e\uddeeCVE-2023-41362 \u2013 MyBB ACP RCE Exploit : Explore\n  \n\ud83d\udc7eCVE-2023-3244 POC: WordPress Missing Authorization: Explore\n\n\ud83d\udccdOpenText EnCase Forensic Tool : Download\n\n\ud83d\udc32Telegram Get remote IP: Get IP Address on Other Side Audio Call In Telegram : Check", "creation_timestamp": "2023-12-20T08:05:32.000000Z"}, {"uuid": "1e2a3690-4129-4974-a72a-e2da632846e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4299", "content": "\ud83d\udcccRCE in Juniper JunOS CVE-2023-36844-47 Exploit : Download\n\n\ud83e\ude85Pocket Access \u2013 Telegram Bot For Remote Access To Computer Files : Download\n\n\ud83d\udc38International Civil Defense Organization Data Leak : Download\n\n\ud83e\udd16CVE-2023-40930 POC: Skyworth 3.0 (Android) \u2013 Directory Traversal : Explore\n\n\ud83d\udd78Invicti Standard v23.9.0.42095 Crack : Download\n\n\ud83d\udcefSartrouville Company France Data Leak : Download\n\n\ud83c\udf1aAranui Cruises Data Leak : Download\n\n\ud83d\udc00Craxs Rat V6.7 : DOwnload\n\n\ud83e\udeacURL Infection: Exploit Silent Java Drive By Downloads Chrome : Explore\n\n\ud83e\uddeeCVE-2023-41362 \u2013 MyBB ACP RCE Exploit : Explore\n  \n\ud83d\udc7eCVE-2023-3244 POC: WordPress Missing Authorization: Explore\n\n\ud83d\udccdOpenText EnCase Forensic Tool : Download\n\n\ud83d\udc32Telegram Get remote IP: Get IP Address on Other Side Audio Call In Telegram : Check", "creation_timestamp": "2023-09-16T11:16:40.000000Z"}, {"uuid": "1530b829-eb1c-4a9f-b583-004a73d60762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "Telegram/Ro8t_vwt7AQYmnMRxlCmXGb8FIuOnTPoeQgd1Ea_p3ddcg", "content": "", "creation_timestamp": "2023-09-15T03:38:09.000000Z"}, {"uuid": "80384c0e-5dfb-4bd6-b1f3-7202d64e0248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3169", "content": "Hackers Factory \n\nlazy way to create CVE-2023-38831 winrar file for testing\n\nhttps://github.com/BoredHackerBlog/winrar_CVE-2023-38831_lazy_poc\n\nCVE-2022-39986 PoC\n\nhttps://github.com/WhiteOwl-Pub/RaspAP-CVE-2022-39986-PoC\n\nCommunity curated list of nuclei templates for finding \"unknown\" security vulnerabilities.\n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\nHVCI-loldrivers-check\nChecks to see which drivers from loldrivers.io are not blocked by the current HVCI blocklist on the system.\n\nhttps://github.com/trailofbits/HVCI-loldrivers-check\n\nGolang Secure Coding Practices guide\n\nhttps://github.com/OWASP/Go-SCP\n\n#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\n\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\n\nhttps://github.com/shiomiyan/CVE-2023-41080\n\nEvolutionary encryption framework based on scalable complexity over time.\n\nhttps://github.com/jofpin/temcrypt\n\nSome of my rough notes for Docker threat detection\n\nhttps://github.com/Antonlovesdnb/DockerDetectionNotes\n\nBash Script to extract GNU/Linux forensic artifacts for digital forensic analysis and incident response.\n\nhttps://github.com/ozpingux/BasicLinuxForensicScript\n\nyou want an #investigation on user accounts,  \n\nSnoop, a #cli #python #tool, scans various sites, forums, and social networks for the presence of the username.\n\ngithub.com/snooppr/snoop\n\n#infosec #cybersecurity #hackersfactory\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-27T17:49:56.000000Z"}, {"uuid": "419e870e-bc61-4a95-987f-131ee0343251", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "seen", "source": "https://t.me/cibsecurity/68800", "content": "\u203c CVE-2023-36844 \u203c\n\nA PHP External Variable Modification vulnerability in J-Web of Juniper Networks Junos OS on EX Series allows an unauthenticated, network-based attacker to control certain, important environments variables.Utilizing a crafted request an attacker is able to modify certain PHP environments variables\u00c2\u00a0leading to partial loss of integrity,\u00c2\u00a0which may allow chaining to other vulnerabilities.This issue affects Juniper Networks Junos OS on EX Series: * All versions prior to 20.4R3-S9; * 21.2 versions prior to 21.2R3-S6; * 21.3 versions prior to 21.3R3-S5; * 21.4 versions prior to 21.4R3-S5; * 22.1 versions prior to 22.1R3-S4; * 22.2 versions prior to 22.2R3-S2; * 22.3 versions prior to 22.3R3-S1; * 22.4 versions prior to 22.4R2-S2, 22.4R3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-18T00:37:51.000000Z"}, {"uuid": "8074185a-056f-4af5-a3bb-79fdd473e8dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/958", "content": "https://github.com/watchtowrlabs/juniper-rce_cve-2023-36844", "creation_timestamp": "2023-08-29T14:30:43.000000Z"}, {"uuid": "c5587de0-03f0-4895-8192-4dde2541b592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7707", "content": "CVE-2023-36844 And Friends: RCE In Juniper Devices\n\nhttps://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/", "creation_timestamp": "2023-08-26T21:25:10.000000Z"}, {"uuid": "62d4cb04-6b80-4bae-94ef-d5f9875947d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3554", "content": "RCE in Juniper OS \nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844", "creation_timestamp": "2023-09-16T17:12:09.000000Z"}, {"uuid": "229794f7-b4ea-4a97-bf77-7af17989ec10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/959", "content": "https://labs.watchtowr.com/cve-2023-36844-and-friends-rce-in-juniper-firewalls/", "creation_timestamp": "2023-08-29T17:45:43.000000Z"}, {"uuid": "ef99a59c-090c-447c-a5e5-23b319468b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8921", "content": "#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\nhttps://github.com/shiomiyan/CVE-2023-41080\n\n3. CVE-2023-39063:\nRaidenFTPD Buffer Overflow\nhttps://github.com/AndreGNogueira/CVE-2023-39063", "creation_timestamp": "2023-08-27T15:11:36.000000Z"}, {"uuid": "fb08a1bd-d645-4f70-99b6-9962e834e005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36844", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-04-30)", "content": "", "creation_timestamp": "2026-04-30T00:00:00.000000Z"}]}