来源

关联漏洞

描述

CVE-2024-0012 PAN-OS: Authentication Bypass in the Management Web Interface (PAN-SA-2024-0015) RCE POC

介绍

[![Python 3.x](https://img.shields.io/badge/python-3.x-yellow.svg)](https://www.python.org/)
# CVE-2024-0012

CVE-2024-0012 an authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authenticated privilege escalation vulnerabilities.

# Screenshot
![cve-2024-0012](https://github.com/user-attachments/assets/0b01442b-e8f8-4327-8a21-886f16872311)

| :exclamation:  **Disclaimer**  |
|---------------------------------|
| This project is primarily built to be used as a standalone CLI tool. **Running this exploit as a service may pose security risks.** It's recommended to use with caution and additional security measures. DWYOR |

# Usage
```
python3 cve-2024-0012.py -h
```

This will display help for the tool. Here are all the switches it supports.
```yaml
Usage:
  python3 cve-2024-0012.py [flags]

Flags:
  -h, --help         show this help message and exit
  --url URL          Target base URL (http:// or https://)
  --no-verify        Disable SSL verification
  --timeout TIMEOUT  Request timeout in seconds
  --command COMMAND  Command to execute on the target
```

# Credits

- [Chirag Artani](https://github.com/Sachinart/ )
- [Sachin Artani](https://3rag.com/ )
- [Muhammad Mugni Abdul Gani](https://www.instagram.com/mtwo7.id/)

文件快照

 [4.0K]  /data/pocs/42f205797a5f6173bdb1d4de864d711937f64082
├── [4.9K]  cve-2024-0012.py
└── [1.4K]  README.md

0 directories, 2 files

备注