all InfoSec news
Palo Alto Networks PAN-OS Command Injection Vulnerability (CVE-2024-3400)
Security Boulevard securityboulevard.com
Overview Recently, NSFOCUS CERT detected that Palo Alto Networks issued a security announcement and fixed the command injection vulnerability (CVE-2024-3400) in PAN-OS. Since GlobalProtect gateway or portal configured in PAN-OS does not strictly filter user input, unauthenticated attackers can construct special packets to execute arbitrary code on the firewall with root privileges. The CVSS score […]
The post Palo Alto Networks PAN-OS Command Injection Vulnerability (CVE-2024-3400) appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises …
alto announcement arbitrary code attackers blog can cert code command command injection command injection vulnerability cve cve-2024 cve-2024-3400 emergency-response filter firewall gateway globalprotect injection input networks nsfocus os command packets palo palo alto palo alto networks palo alto networks pan-os pan pan-os portal privileges root security special unauthenticated vulnerability