Lucene search
AttackerKBAKB:AE095FA4-D1B3-455A-A4A4-75E3B7A277F8HistorySep 09, 2020 - 12:00 a.m.
CVE-2020-2038
2020-09-0900:00:00
attackerkb.com
7
0.911 High
EPSS
Percentile
98.9%
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 9.0 versions earlier than 9.0.10; PAN-OS 9.1 versions earlier than 9.1.4; PAN-OS 10.0 versions earlier than 10.0.1.
Recent assessments:
wvu-r7 at September 10, 2020 4:23pm UTC reported:
Not enough is known about this vulnerability, but this requires admin creds to the management interface, so mitigate this by choosing secure passphrases, securing credential storage, etc.
Assessed Attacker Value: 5
Assessed Attacker Value: 5Assessed Attacker Value: 2
Related
cve
cve
CVE-2020-2038
2020-09-09 17:15:25
nessus
nessus
cvelist
cvelist
nvd
nvd
CVE-2020-2038
2020-09-09 17:15:25
packetstorm
packetstorm
PAN-OS 10.0 Remote Code Execution
2022-08-09 00:00:00
Palo Alto Networks Authenticated Remote Code Execution
2022-09-16 00:00:00
rapid7blog
rapid7blog
Metasploit Weekly Wrap-Up
2022-09-16 20:09:50
checkpoint_advisories
checkpoint_advisories
Palo Alto Networks PAN-OS Command Injection (CVE-2020-2038)
2022-08-21 00:00:00
paloalto
paloalto
PAN-OS: OS command injection vulnerability in the management web interface
2020-09-09 16:00:00
prion
prion
Command injection
2020-09-09 17:15:00
zdt
zdt
PAN-OS 10.0 - Remote Code Execution (Authenticated) Exploit
2022-08-09 00:00:00
metasploit
metasploit
Palo Alto Networks Authenticated Remote Code Execution
2022-08-18 20:20:03
exploitdb
exploitdb
PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)
2022-08-09 00:00:00
qualysblog
qualysblog