CVE-2024-3400

CVE Database · CVE-2024-3400

CVE-2024-3400

· CRITICALAnalyzed

CVSS v3.1

10.0

EPSS

100.00%

Published

Apr 12, 2024

Modified

Nov 4, 2025

CISA Known Exploited Vulnerability

Added: 2024-04-12 · Due: 2024-04-19

Apply mitigations per vendor instructions as they become available. Otherwise, users with vulnerable versions of affected devices should enable Threat Prevention IDs available from the vendor. See the vendor bulletin for more details and a patch release schedule.

Public PoC / Exploit (11)

All weaponized →

Exploit-DBPalo Alto PAN-OS < v11.1.2-h3 - Command Injection and Arbitrary File Creation NucleiNuclei detection template TrickestTrickest PoC index GitHub PoCh4x0r-dz/CVE-2024-3400★161 GitHub PoCW01fh4cker/CVE-2024-3400-RCE-Scan★90 GitHub PoC0x0d3ad/CVE-2024-3400★70 GitHub PoCihebski/CVE-2024-3400★32 GitHub PoCChocapikk/CVE-2024-3400★15 GitHub PoCmomika233/CVE-2024-3400★13 GitHub PoCYuvvi01/CVE-2024-3400★11 GitHub PoCak1t4/CVE-2024-3400★9

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A command injection as a result of arbitrary file creation vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS software for specific PAN-OS versions and distinct feature configurations may enable an unauthenticated attacker to execute arbitrary code with root privileges on the firewall. Cloud NGFW, Panorama appliances, and Prisma Access are not impacted by this vulnerability.

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Weaknesses (CWE)

CWE-20CWE-77CWE-77

Affected Products (52)

paloaltonetworks · pan-osvulnerable