NVD disclosure day
CVE-2023-36847
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Juniper Networks Junos OS on EX Series devices allows unauthenticated network access to upload arbitrary files via J-Web. This impacts file system integrity, posing a business risk by potentially enabling further compromise.
CVE-2023-36846
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An unauthenticated network attacker can upload arbitrary files via Juniper Junos OS J-Web on SRX Series devices, compromising file system integrity. This may allow chaining to other vulnerabilities.
CVE-2023-36845
Halo Surface Signal: 5 out of 5 — more likely to be public-facing.
A vulnerability in Juniper Networks Junos OS allows an unauthenticated attacker to execute arbitrary code on EX and SRX Series devices by manipulating PHP environment variables. This poses a risk of unauthorized system access and control for affected organizations.A vulnerability in Juniper Networks Junos OS affects EX
CVE-2023-36844
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
A vulnerability in Juniper Networks Junos OS on EX Series allows an unauthenticated attacker to modify critical environment variables. This can lead to a partial loss of data integrity, increasing business risk.