.. / CVE-2017-15944

Exploit for Palo Alto Network PAN-OS - Remote Code Execution (CVE-2017-15944)

Description:

Palo Alto Network PAN-OS and Panorama before 6.1.19, 7.0.x before 7.0.19, 7.1.x before 7.1.14, and 8.0.x before 8.0.6 allows remote attackers to execute arbitrary code via vectors involving the management interface.

Nuclei Template

View the template here CVE-2017-15944.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2017/CVE-2017-15944.yaml

References:

http://www.securitytracker.com/id/1040007
https://www.exploit-db.com/exploits/43342
https://security.paloaltonetworks.com/CVE-2017-15944
https://nvd.nist.gov/vuln/detail/CVE-2017-15944
http://blog.orange.tw/2019/07/attacking-ssl-vpn-part-1-preauth-rce-on-palo-alto.html

.. / CVE-2017-15944 if(localStorage["style"]=="true"){ document.getElementById('pagestyle').setAttribute('href','/assets/styleDark.css'); document.querySelector('input[type="checkbox"]').checked = true }

Exploit for Palo Alto Network PAN-OS - Remote Code Execution (CVE-2017-15944)

Description:

Nuclei Template

Validate with Nuclei

.. / CVE-2017-15944