Palo Alto Network PAN-OS - Remote Code Execution CVE-2017-15944
- Severity
- Vulnerability description
Palo Alto server is affected by a Remote Code Execution through a Path Traversal vulnerability, located in the /public/plugins/ endpoint. The root cause of this vulnerability consists in improper path normalization. Palo Alto Networks PAN-OS before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.
- Risk description
The risk exists that a remote unauthenticated attacker can fully compromise the server to steal confidential information, install ransomware, or pivot to the internal network.
- Recommendation
Apply the latest security patches and updates provided by Palo Alto Networks.
- References
- https://www.exploit-db.com/exploits/43342https://security.paloaltonetworks.com/CVE-2017-15944http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.htmlhttps://nvd.nist.gov/vuln/detail/CVE-2017-15944http://www.securitytracker.com/id/1040007
- Codename
- Not available
- Detectable with
- Network Scanner
- Scan engine
- Nuclei
- Exploitable with Sniper
- No
- CVE Published
- Dec 11, 2017
- Detection added at
- Software Type
- Not available
- Vendor
- Not available
- Product
- Not available
Detect this vulnerability now!
Check your clients' targets (or your own) for this vulnerability and thousands more! Get proof for validation with our ethical hacking toolkit.