From 855d6def8dab21c488f43b9799c619330f5e3602 Mon Sep 17 00:00:00 2001
From: Giulio <giulio@gmx.com>
Date: Fri, 10 Apr 2020 02:28:50 +0200
Subject: [PATCH] Updated with Cves and Juniper Advistory

---
 Readme.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/Readme.md b/Readme.md
index 00012cb..cc9b6da 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,4 +1,12 @@
 # Juniper Host Checker Linux MITM RCE
+## CVEs
+
+ - No certificate Validation - [CVE-2020-11580](https://nvd.nist.gov/vuln/detail/CVE-2020-11580)
+ - Command Injection - [CVE-2020-11581](https://nvd.nist.gov/vuln/detail/CVE-2020-11581)
+ - DNS Rebindig - [CVE-2020-11582](https://nvd.nist.gov/vuln/detail/CVE-2020-11582)
+
+Link to Juniper official advisory [SA44426](https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44426)
+
 ## Intro
 The Host Checker is a client side component that the [Pulse Connect Secure](https://www.pulsesecure.net/products/pulse-connect-secure/) appliance may require in order to connect to the VPN. The Host Checker requests a policy from the server and perform basic checks on the client accordingly. Checks may include MAC Addresses, running process (ie: checking for an antivirus) and some others. While on Windows the plugin is an ActiveX component, in Linux, Solaris and OSX it is a Java Applet.
 Of course client checks can always be bypassed, and an open source (yet not well documented) implementation [do exist](https://raw.githubusercontent.com/russdill/juniper-vpn-py/master/tncc.py).