**Updated document date: November 20, 2024**
## palo-alto-panos /php/utils/createRemoteAppwebSession.php Command Execution Vulnerability (CVE-2024-0012/CVE-2024-9474)
| **Vulnerability** | palo-alto-panos /php/utils/createRemoteAppwebSession.php Command Execution Vulnerability (CVE-2024-0012/CVE-2024-9474)|
| :----: | :-----|
| **Chinese name** | palo-alto-panos /php/utils/createRemoteAppwebSession.php 命令执行漏洞CVE-2024-0012/CVE-2024-9474 |
| **CVSS score** | 9.50 |
| **FOFA Query** (click to view the results directly)| `body="Panos.browser.cookie.set" && body="Panos.browser.param"` |
| **Number of assets affected** | 27,397 |
| **Description** | A command execution vulnerability exists in palo-alto-panos, allowing attackers to execute arbitrary commands via the `/php/utils/createRemoteAppwebSession.php/.js.map` path without authorization, potentially leading to full system control. |
![](https://s3.bmp.ovh/imgs/2024/11/20/849976b81da4b825.gif)
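
For defenders reviewing exposed management interfaces, the following added example (not part of the original entry or of any vendor tooling) scans web access logs for requests to the path named in the description, including case and percent-encoded variants. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote

# Path taken from the description above, lowercased for comparison.
TARGET = "/php/utils/createremoteappwebsession.php"

# Assumed log layout (combined format): ip, ident, user, [time], "request", status.
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+)[^"]*" (\d{3})')


def normalize(raw_path):
    """Drop the query string, percent-decode twice (catches double
    encoding), collapse repeated slashes and lowercase the result."""
    path = raw_path.split("?", 1)[0]
    for _ in range(2):
        path = unquote(path)
    return re.sub(r"/{2,}", "/", path).lower()


def find_hits(lines):
    """Return {source_ip: [hit, ...]} for requests that reach TARGET,
    with or without trailing path info such as /.js.map."""
    hits = defaultdict(list)
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not in the assumed format; skip rather than guess
        ip, method, raw_path, status = m.groups()
        path = normalize(raw_path)
        if not path.startswith(TARGET):
            continue
        suffix = path[len(TARGET):]
        if suffix and not suffix.startswith("/"):
            continue  # a different file that merely shares the prefix
        hits[ip].append({"method": method, "path": raw_path,
                         "status": int(status),
                         "js_map_suffix": suffix.endswith(".js.map")})
    return dict(hits)


# Constructed sample lines using documentation address ranges.
SAMPLE_LOG = [
    '192.0.2.10 - - [20/Nov/2024:10:01:02 +0000] "GET /php/login.php HTTP/1.1" 200 5120',
    '198.51.100.7 - - [20/Nov/2024:10:01:05 +0000] "POST /php/utils/createRemoteAppwebSession.php/.js.map HTTP/1.1" 200 48',
    '198.51.100.7 - - [20/Nov/2024:10:01:09 +0000] "POST /php/utils/CreateRemoteAppwebSession.php%2F.js.map HTTP/1.1" 200 48',
    '203.0.113.4 - - [20/Nov/2024:10:02:00 +0000] "GET /js/app.js.map HTTP/1.1" 404 0',
]

if __name__ == "__main__":
    for ip, entries in find_hits(SAMPLE_LOG).items():
        print(ip, len(entries), [e["path"] for e in entries])
```

A hit with `js_map_suffix` set and a 200 status from an address outside the management network is the combination to triage first.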