Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-9151Paloaltonetworks Pan-os vulnerability

CWE-2646 documents5 sources
Severity
7.8HIGHNVD
EPSS
0.1%
top 74.01%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Paloaltonetworks Pan-osPaloalto Pan-os
Timeline
PublishedNov 19
Latest updateMay 13

Description

Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows local users to gain privileges via crafted values of unspecified environment variables.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages2 packages

NVDpaloaltonetworks/pan-os5.0.05.0.20+5
Palo Altopaloalto/pan-os

🔴Vulnerability Details

2
GHSA
GHSA-48jw-g6cj-24gw: Palo Alto Networks PAN-OS before 52022-05-13
CVEList
CVE-2016-9151: Palo Alto Networks PAN-OS before 52016-11-19

💥Exploits & PoCs

2
Exploit-DB
Palo Alto Networks PanOS - 'root_reboot' Local Privilege Escalation2016-11-18
Exploit-DB
Palo Alto Networks PanOS - 'root_trace' Local Privilege Escalation2016-11-18

📋Vendor Advisories

1
Palo Alto
Local Privilege Escalation2016-11-17
CVE-2016-9151 — Paloaltonetworks Pan-os vulnerability | cvebase