We've developed a script that verify the first bug of CVE-2017-x to
verify if the device is vulnerable or not. The script creates the fake
custom cookie and then verify it. If the cookie exists the device is
vulnerable.
We've extracted more than 6000 Palo Alto Networks Firewall devices from
sh
Hello,
This is a public advisory for CVE-2017-15944 which is a remote root code
execution bug in Palo Alto Networks firewalls.
Three separate bugs can be used together to remotely execute commands as
root through the web management interface without authentication on: PAN-OS
6.1.18 and earlier, P