HTTP: Palo Alto Networks PAN-OS GlobalProtect Gateway Command Injection

This signature detects attempts to exploit a known vulnerability against PAN OS. A successful attack can lead to arbitrary code execution.

Extended Description

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

Affected Products

Paloaltonetworks pan-os

Short Name
HTTP:CTS:CVE-2024-3400-CMD-INJ
Severity
Major
Recommended
True
Recommended Action
Drop
Category
HTTP
Keywords
Alto CVE-2024-3400 Command Gateway GlobalProtect Injection Networks PAN-OS Palo
Release Date
04/18/2024
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3718
False Positive
Unknown
Vendors

Paloaltonetworks

Found a potential security threat?