Share
## https://sploitus.com/exploit?id=C038D4F7-FA03-5561-B6EF-FCF830B00A6D
# CVE-2026-1731 โ BeyondTrust Remote Support & PRA Pre-auth RCE
## Overview
**Critical pre-authentication RCE in BeyondTrust Remote Support and Privileged Remote Access. Unauthenticated remote attacker can execute OS commands.**
| Field | Value |
|-------|-------|
| CVE | CVE-2026-1731 |
| Severity | CRITICAL |
| Product | BeyondTrust Remote Support & PRA |
| CISA KEV | 2026-02-06 |
| Attack Type | Pre-auth RCE |
| Auth Required | None |
### Affected Versions
| Status | Versions |
|--------|----------|
| โ Vulnerable | BeyondTrust Remote Support and PRA (older versions) |
| โ
Fixed | Fixed in BeyondTrust updates (see vendor advisory) |
## Installation
```bash
# Clone
git clone https://github.com/ridhinva/CVE-2026-1731-BeyondTrust-RCE.git
cd CVE-2026-1731-BeyondTrust-RCE
# Install deps (if any)
pip install requests
```
## Usage
### Scan Single Target
```bash
python3 beyondtrust_rce_scanner.py example.com
python3 beyondtrust_rce_scanner.py https://192.168.1.1
```
### Mass Scan from File
```bash
echo "target1.com" > targets.txt
echo "target2.com" >> targets.txt
python3 beyondtrust_rce_scanner.py targets.txt
```
### Show Vulnerability Info
```bash
python3 beyondtrust_rce_scanner.py --info
```
## How It Works
The scanner checks for exposed endpoints associated with this vulnerability and reports potential targets for manual verification.
## References
| Source | Link |
|--------|------|
| CISA KEV | https://www.cisa.gov/known-exploited-vulnerabilities-catalog |
| NVD Entry | https://nvd.nist.gov/vuln/detail/CVE-2026-1731 |
| Vendor Advisory | https://security.paloaltonetworks.com/CVE20261731 |
## Disclaimer
For authorized security testing and educational purposes only. Unauthorized access is illegal.
## Author
**@c_y_p_h3r** โ Bug bounty hunter & security researcher