Skip to main content

PAN-OS EUVDEUVD-2026-42675

| CVE-2026-0286 MEDIUM
OS Command Injection (CWE-78)
2026-07-09 psirt@paloaltonetworks.com GHSA-fhqp-fjgf-qf28
6.0
CVSS 4.0 · Vendor: paloaltonetworks
Share

Severity by source

Vendor (paloaltonetworks) PRIMARY
6.0 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
vuln.today AI
7.2 HIGH

Administrator-only CLI access drives PR:H and AV:N; arbitrary root execution independently warrants A:H despite vendor's conservative VA:N choice.

3.1 AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
4.0 AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (paloaltonetworks).

CVSS VectorVendor: paloaltonetworks

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber
Attack Vector
Network
Attack Complexity
Low
Privileges Required
High
User Interaction
None
Scope
X

Lifecycle Timeline

3
Patch available
Jul 09, 2026 - 20:01 EUVD
Analysis Generated
Jul 09, 2026 - 19:46 vuln.today
CVE Published
Jul 09, 2026 - 19:17 cve.org
MEDIUM 6.0

DescriptionCVE.org

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root.

The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators.

This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series).

Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

AnalysisAI

Command injection in the Palo Alto Networks PAN-OS management plane allows an authenticated administrator to execute arbitrary OS commands with root privileges on PA-Series, VM-Series, and Panorama appliances. The vulnerability is classified CWE-78 and is reachable via the network-accessible management interface, though the requirement for administrator-level credentials substantially constrains the attacker pool. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain PAN-OS administrator credentials
Delivery
Connect to management plane over network
Exploit
Submit crafted CLI input with injected shell metacharacters
Execution
Management plane passes unsanitized input to OS shell
Impact
Execute arbitrary commands as root on the appliance

Vulnerability AssessmentAI

Exploitation Exploitation requires a valid, authenticated PAN-OS administrator account - unauthenticated users and low-privilege operator or read-only roles cannot trigger this vulnerability. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 base score of 6.0 (Medium) accurately reflects the high privilege prerequisite (PR:H) that is the dominant risk-reducing factor - only authenticated administrators can reach the vulnerable surface. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained PAN-OS administrator credentials - through phishing, credential stuffing, or insider access - connects to the management plane interface over the network and submits a crafted CLI command embedding OS shell metacharacters. The management plane passes the unsanitized input to the underlying OS shell, executing the injected payload with root privileges and granting full OS-level control of the appliance. …
Remediation The primary remediation is to apply the vendor-released patch per the Palo Alto Networks advisory at https://security.paloaltonetworks.com/CVE-2026-0286 - exact fix versions are not present in the current data and must be confirmed from that advisory before deployment. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

More in Pan Os

View all
CVE-2025-0108 HIGH POC
8.8 Feb 12

Palo Alto Networks PAN-OS management web interface contains an authentication bypass allowing unauthenticated attackers

CVE-2016-4971 HIGH POC
8.8 Jun 30

GNU wget before 1.18 allows remote servers to write to arbitrary files by redirecting a request from HTTP to a crafted F

CVE-2016-9150 CRITICAL POC
9.8 Nov 19

Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x b

CVE-2016-8610 HIGH
7.5 Nov 13

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL proto

CVE-2025-0111 HIGH
7.1 Feb 12

Palo Alto Networks PAN-OS management interface contains an authenticated file read vulnerability allowing reading of fil

CVE-2024-0012 CRITICAL POC
9.3 Nov 18

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access t

CVE-2020-2038 HIGH POC
7.2 Sep 09

An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to exe

CVE-2024-9474 MEDIUM POC
6.9 Nov 18

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to

CVE-2020-2036 HIGH POC
8.8 Sep 09

A reflected cross-site scripting (XSS) vulnerability exists in the PAN-OS management web interface. Rated high severity

CVE-2012-6601 CRITICAL
10.0 Aug 31

The device-management command-line interface in Palo Alto Networks PAN-OS before 3.1.12, 4.0.x before 4.0.10, and 4.1.x

CVE-2019-1579 HIGH POC
8.1 Jul 19

Remote Code Execution in PAN-OS 7.1.18 and earlier, PAN-OS 8.0.11-h1 and earlier, and PAN-OS 8.1.2 and earlier with Glob

CVE-2017-8390 CRITICAL
9.8 Aug 02

The DNS Proxy in Palo Alto Networks PAN-OS before 6.1.18, 7.x before 7.0.16, 7.1.x before 7.1.11, and 8.x before 8.0.3 a

Share

EUVD-2026-42675 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy