Share
## https://sploitus.com/exploit?id=SAINT:2BC072FED655BA2418A2026EAEAAB6D5
Added: 11/20/2024  
CVE: CVE-2024-0012  


### Background

Palo Alto Networks firewall provides policy-based visibility and control over applications, users and threats. 

### Problem

An authentication bypass vulnerability combined with a command injection vulnerability in the PAN-OS management interface allows remote attackers to execute arbitrary commands. 

### Resolution

Upgrade to one of the versions listed under the Solution section of Palo Alto Networks Security Advisory CVE-2024-0012. 

### References

https://security.paloaltonetworks.com/CVE-2024-0012   
https://security.paloaltonetworks.com/CVE-2024-9474   
https://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/   


### Platforms

PAN-OS