CVE-2024-3400CISA KEV: Actively Exploited

Palo Alto Networks PAN-OS Command Injection Vulnerability

Published Apr 12, 2024·Updated Apr 12, 2024

Description

Palo Alto Networks PAN-OS GlobalProtect feature contains a command injection vulnerability that allows an unauthenticated attacker to execute commands with root privileges on the firewall.

Public Exploits & PoCs40 found

PoC: CVE-2024-3400

CVE-2024-3400

26

PoC: CVE-2024-3400

CVE-2024-3400 Palo Alto OS Command Injection

14

PoC: PAN-OS-CVE-2024-3400-Command-Injection-Investigation

Investigation of a PAN-OS CVE-2024-3400 command injection attempt, analyzing payload delivery, internal processing, and execution validation based on log evidence.

1

PoC: CVE-2024-3400-poc

CVE-2024-3400的攻击脚本

1

PoC: CVE-2024-3400-pot

Simple honeypot for CVE-2024-3400 Palo Alto PAN-OS Command Injection Vulnerability

1

PoC: CVE-2024-3400

Python script to check Palo Alto firewalls for CVE-2024-3400 exploit attempts

1

PoC: CVE-2024-3400-Canary

Have we not learnt from HoneyPoC?

1

PoC: CVE-2024-3400-POC

CVE-2024-3400 POC Remote Code Execution (RCE) Palo Alto Networks PAN-OS software

1

PoC: CVE-2024-3400-POC

CVE-2024-3400 POC Remote Code Execution (RCE) Palo Alto Networks PAN-OS software

1

PoC: CVE-2024-3400_Testing

Testing a List of IP address incase they are vulnerable to CVE-2024-3400

PoC: CVE-2024-3400-poc

CVE-2024-3400的攻击脚本

PoC: cs50-cyber-paloalto-oauth

CS50 Cybersecurity final project — Palo Alto OAuth token breach (CVE-2024-3400)

PoC: Zero-Day-Vulnerability-Exploitation-Detection-Tool

An AI-powered tool to predict and prevent zero-day attacks on firewalls, like Palo Alto’s CVE-2024-3400. Uses Python, Wireshark, MITRE ATT&CK datasets, and Docker for real-time anomaly detection.

PoC: letsdefend-cve2024-3400-case-study

Detection, analysis, and response strategies for CVE-2024-3400 exploitation attempts targeting Palo Alto PAN-OS GlobalProtect portals. Includes IOCs, exploit patterns, and mitigation guidance.

PoC: CVE-2024-3400

CVE-2024-3400 PAN-OS Vulnerability Scanner.

PoC: CVE-2024-3400

Attempt at making the CVE-2024-3400 initial exploit (for educational purposes)

PoC: IPLineFinder

Find rows contain specific IP addresses in large files and then, extract them. This tool make for investigating logs for cve-2024-3400

PoC: CVE-2024-3400

Exploit for GlobalProtect CVE-2024-3400

PoC: CVE-2024-3400-Checker

Check to see if your Palo Alto firewall has been compromised by running script againt support bundle.

PoC: cve-2024-3400

Python exploit and checker script for CVE-2024-3400 Palo Alto Command Injection and Arbitrary File Creation

PoC: CVE-2024-3400

Exploit for CVE-2024-3400

PoC: panrapidcheck

Extract useful information from PANOS support file for CVE-2024-3400

PoC: CVE-2024-3400

Finding Palo Alto devices vulnerable to CVE-2024-3400.

PoC: cve-2024-3400-poc

Simple POC for CVE-2024-3400

PoC: CVE-2024-3400

CVE-2024-3400 POC written in Rust and Python

PoC: CVE-2024-3400

Simple Python code to check for arbitrary uploading

PoC: CVE-2024-3400

EDL for IPs attacking customers with CVE-2024-3400

PoC: CVE-2024-3400

CVE-2024-3400 : Palo Alto OS Command Injection - POC

PoC: cve-2024-3400-poc

Simple POC for CVE-2024-3400

PoC: CVE-2024-3400

Global Protec Palo Alto File Write Exploit

PoC: CVE-2024-3400-RCE-copy

CVE-2024-3400-RCE

PoC: CVE-2024-3400-Checker

A check program for CVE-2024-3400, Palo Alto PAN-OS unauthenticated command injection vulnerability. Palo Alto 防火墙 PAN-OS 远程命令注入检测程序。

PoC: CVE-2024-3400

CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect

PoC: CVE-2024-3400

CVE-2024-3400

PoC: CVE-2024-3400

CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtect

PoC: CVE-2024-3400-Compromise-Checker

A simple bash script to check for evidence of compromise related to CVE-2024-3400

PoC: CVE-2024-3400

Vulnerabilidad de palo alto

PoC: CVE-2024-3400

CVE-2024-3400 Checker

PoC: CVE-2024-3400-POC

CVE-2024-3400 POC Remote Code Execution (RCE) Palo Alto Networks PAN-OS software

PoC: CVE-2024-3400

This script is designed to demonstrate the exploitation of vulnerabilities in PAN-OS firewalls. It sends a specially crafted payload to the firewall's API endpoint to execute arbitrary commands.

References

View on NVD Search GitHub Search Google

Get alerted for CVEs like this

Register your stack and get notified within minutes when a matching CVE drops.

Start monitoring free