• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
over 12,000 juniper firewalls found vulnerable to recently disclosed rce

Over 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability

You are here: Home / General Cyber Security News / Over 12,000 Juniper Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability
September 19, 2023

New investigate has uncovered that shut to 12,000 internet-uncovered Juniper firewall equipment are susceptible to a recently disclosed distant code execution flaw.

VulnCheck, which found out a new exploit for CVE-2023-36845, explained it could be exploited by an “unauthenticated and remote attacker to execute arbitrary code on Juniper firewalls without having generating a file on the method.”

CVE-2023-36845 refers to a medium-severity flaw in the J-Web component of Junos OS that could be weaponized by a risk actor to command certain, significant ecosystem variables. It was patched by Juniper Networks final month alongside CVE-2023-36844, CVE-2023-36846, and CVE-2023-36847 in an out-of-cycle update.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper takes secure and encrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper you will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized distrinutor of AOMEI: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Cybersecurity

A subsequent evidence-of-principle (PoC) exploit devised by watchTowr put together CVE-2023-36846 and CVE-2023-36845 to add a PHP file containing destructive shellcode and achieve code execution.

The latest exploit, on the other hand, impacts more mature techniques and can be composed applying a one cURL command. Particularly, it relies on just CVE-2023-36845 to comprehend the same goal.

RCE Vulnerability

This, in transform, is attained by employing the common input stream (aka stdin) to set the PHPRC surroundings variable to “/dev/fd/” by way of a specially crafted HTTP ask for, efficiently turning “/dev/fd/” into a makeshift file, and leak sensitive info.

Arbitrary code execution is then realized by leveraging PHP’s automobile_prepend_file and allow for_url_incorporate possibilities in conjunction with the information:// protocol wrapper.

Forthcoming WEBINARIdentity is the New Endpoint: Mastering SaaS Security in the Fashionable Age

Dive deep into the long run of SaaS security with Maor Bin, CEO of Adaptive Shield. Discover why identification is the new endpoint. Secure your place now.

Supercharge Your Capabilities

“Firewalls are attention-grabbing targets to APT as they assistance bridge into the safeguarded network and can provide as valuable hosts for C2 infrastructure,” Jacob Baines reported. “Everyone who has an unpatched Juniper firewall should really analyze it for signals of compromise.”

Juniper has considering that disclosed that it can be not conscious of a effective exploit in opposition to its prospects, but warned that it has detected exploitation tries in the wild, earning it vital that users apply the needed fixes to mitigate opportunity threats.

Discovered this post exciting? Stick to us on Twitter  and LinkedIn to read through additional special information we publish.


Some parts of this post are sourced from:
thehackernews.com

Previous Post: «transparent tribe uses fake youtube android apps to spread caprarat Transparent Tribe Uses Fake YouTube Android Apps to Spread CapraRAT Malware
Next Post: Live Webinar: Overcoming Generative AI Data Leakage Risks live webinar: overcoming generative ai data leakage risks»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Qilin Ransomware Adds “Call Lawyer” Feature to Pressure Victims for Larger Ransoms
  • Iran’s State TV Hijacked Mid-Broadcast Amid Geopolitical Tensions; $90M Stolen in Crypto Heist
  • 6 Steps to 24/7 In-House SOC Success
  • Massive 7.3 Tbps DDoS Attack Delivers 37.4 TB in 45 Seconds, Targeting Hosting Provider
  • 67 Trojanized GitHub Repositories Found in Campaign Targeting Gamers and Developers
  • New Android Malware Surge Hits Devices via Overlays, Virtualization Fraud and NFC Theft
  • BlueNoroff Deepfake Zoom Scam Hits Crypto Employee with MacOS Backdoor Malware
  • Secure Vibe Coding: The Complete New Guide
  • Uncover LOTS Attacks Hiding in Trusted Tools — Learn How in This Free Expert Session
  • Russian APT29 Exploits Gmail App Passwords to Bypass 2FA in Targeted Phishing Campaign

Copyright © TheCyberSecurity.News, All Rights Reserved.