Main Vulnerability Database Exploits ID:2691 - Exploit for Input validation flaw in Palo Alto PAN-OS in Palo Alto PAN-OS - CVE-2016-1712

ID:2691 - Exploit for Input validation flaw in Palo Alto PAN-OS in Palo Alto PAN-OS - CVE-2016-1712

Published: May 18, 2020

Vulnerability identifier: #VU173

Vulnerability risk: Critical

CVE-ID: CVE-2016-1712

CWE-ID: CWE-20

Exploitation vector: Remote access

Vulnerable software:
Palo Alto PAN-OS

Link to public exploit:

https://cpr-zero.checkpoint.com/vulns/cprid-1017/

Vulnerability description

The vulnerability allows a remote attacker to obtain elevated privileges on the target system.

The vulnerability exists due to input validation error in Palo Alto PAN-OS. A remote unauthenticated attacker can invoke the root_reboot utility to exploit an input validation flaw and execute arbitrary code on the target system with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

The vendor has issued a fix (5.0.19, 5.1.12, 6.0.14, 6.1.12, 7.0.8).

ID:2691 - Exploit for Input validation flaw in Palo Alto PAN-OS in Palo Alto PAN-OS - CVE-2016-1712

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human