{"uuid": "645497f1-abca-4527-a19c-eb10a49a3c67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9474", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/2611", "content": "\ud83d\udee1\ufe0f Palo Alto PAN-OS Pre-Auth RCE Chain (CVE-2024-0012 &amp; CVE-2024-9474)\n\nA critical vulnerability chain in Palo Alto PAN-OS, combining an authentication bypass (CVE-2024-0012) and a command injection flaw (CVE-2024-9474) in the management web interface, allows unauthenticated attackers to execute arbitrary code with root privileges.\n\n\ud83d\udee0 Affected Versions:\n  \u2014 PAN-OS 11.2 (up to and including 11.2.4-h1)\n  \u2014 PAN-OS 11.1 (up to and including 11.1.5-h1)\n  \u2014 PAN-OS 11.0 (up to and including 11.0.6-h1)\n  \u2014 PAN-OS 10.2 (up to and including 10.2.12-h2)\n\n\ud83d\udd17 Research:\nhttps://labs.watchtowr.com/pots-and-pans-aka-an-sslvpn-palo-alto-pan-os-cve-2024-0012-and-cve-2024-9474/\n\n\ud83d\udd17 PoC:\nhttps://github.com/watchtowrlabs/palo-alto-panos-cve-2024-0012\n\n\ud83d\udd17 Exploit: \nhttps://github.com/Chocapikk/CVE-2024-9474\n\n#paloalto #panos #sslvpn #unauth #rce", "creation_timestamp": "2025-02-12T08:07:18.000000Z"}