module
Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution
| Disclosed |
|---|
| Apr 12, 2024 |
Disclosed
Apr 12, 2024
Description
This module exploits two vulnerabilities in Palo Alto Networks PAN-OS that
allow an unauthenticated attacker to create arbitrarily named files and execute
shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or
GlobalProtect Portal enabled and telemetry collection on (default). Affected versions
include one hour to execute, depending on how often the telemetry service is set to run.
allow an unauthenticated attacker to create arbitrarily named files and execute
shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or
GlobalProtect Portal enabled and telemetry collection on (default). Affected versions
include one hour to execute, depending on how often the telemetry service is set to run.
Rapid7 Labs
2026 Global Threat Landscape Report
The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.