by vicarius
log in join community
by @secatgourity
15 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Houdini Escapes - Palo Alto Command Injection (CVE-2024-3400)

by @secatgourity
by @secatgourity
15 Jul 2024
#existing_exploit_analysis

Analyze a CVE exploitation

publish

Houdini Escapes - Palo Alto Command Injection (CVE-2024-3400)

CVEs

CVE-2024-3400
10 Critical Severity

Screenshots from the blog posts

images/clyl6ntrg75xx1gn6cdvq8hp8.jpgimages/clyl6ntrg75xx1gn6cdvq8hp8.jpg

Summary

In this post, we analyze the looming threat due to Palo Alto Global Protect feature leading to a solid RCE on the vulnerable instances. Given the unauthenticated nature of the vulnerability and publicly available exploit, and the seriousness of it, it is quite important to get it fixed sooner!

Script link

GitHub - 0x0d3ad/CVE-2024-3400: CVE-2024-3400

CVE-2024-3400. Contribute to 0x0d3ad/CVE-2024-3400 development by creating an account on GitHub.

image

Description

Tags

#RCE#exposed_to_RCE_attack#threat-actors#unauthenticated#cyber-threats#command-injection#palo-alto#global-protect

@secatgourity

190 posts

Total vcoins

0

Social media links

Comments (0)