This script is designed to demonstrate the exploitation of vulnerabilities in PAN-OS firewalls. It sends a specially crafted payload to the firewall's API endpoint to execute arbitrary commands. This exploit specifically targets CVE-2024-3400: a command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions anddistinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
2
+
This script is designed to demonstrate the exploitation of vulnerabilities in PAN-OS firewalls. It sends a specially crafted payload to the firewall's API endpoint to execute arbitrary commands. This exploit specifically targets CVE-2024-3400, a command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions.Distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall.
3
3
4
4
**Note:** Please ensure that you only use this script for legal and ethical purposes, and only on machines that you have permission to test on.
DrewskyDev
committed
with
GitHub
1 month ago
1 parent 9bb66219