Published: 09/09/2020 Updated: 27/10/2022

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

CVSS v3 Base Score: 7.2 | Impact Score: 5.9 | Exploitability Score: 1.2

VMScore: 801

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.

Vulnerable Product	Search on Vulmon	Subscribe to Product
paloaltonetworks pan-os

PAN-OS version 100 suffers from a remote code execution vulnerability ...

This Metasploit module exploits an OS command injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges This issue impacts PAN-OS versions prior to 1001, 914 and 9010 ...

Exploit to capitalize on vulnerability CVE-2020-2038.

CVE-2020-2038 Exploit to capitalize on vulnerability CVE-2020-2038 According to Palo Alto Networks: An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges This issue impacts: PAN-OS 90 versions earlier than 9010 PAN-OS 91 versions earlier than 914 PAN-OS 100

CWE-78 https://security.paloaltonetworks.com/CVE-2020-2038 http://packetstormsecurity.com/files/168008/PAN-OS-10.0-Remote-Code-Execution.html http://packetstormsecurity.com/files/168408/Palo-Alto-Networks-Authenticated-Remote-Code-Execution.html https://nvd.nist.gov https://github.com/und3sc0n0c1d0/CVE-2020-2038 https://packetstormsecurity.com/files/168008/PAN-OS-10.0-Remote-Code-Execution.html

CVE-2020-2038

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect