Feb. 2, 2024, 3:46 p.m. |

Packet Storm packetstormsecurity.com

This code serves as both a vulnerability detector and a proof of concept for CVE-2023-36845. It executes the phpinfo() function on the login page of the target device, allowing to inspect the PHP configuration. This script also has the option to save the phpinfo() output to a file for further analysis.

analysis code code execution concept configuration cve cve-2023-36845 detector device file firewall function juniper juniper srx firewall login page php proof remote code remote code execution script switch target vulnerability

Deputy Chief Information Security Officer

@ United States Holocaust Memorial Museum | Washington, DC

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Head of Incident Response

@ Halcyon | Remote

Consultant Sénior Cyber Sécurité H/F

@ Hifield | Lyon, France

Staff Application Security Engineer (AppSec) - Open to remote across ANZ

@ Canva | Sydney, Australia