cbcvebase.
CVE-2020-2008
published 2020-05-13


Priority: P3 · 46 · high
CVSS 3.1: 7.2 (AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS: 2.76% (84.4th percentile)

An OS command injection and external control of filename vulnerability in Palo Alto Networks PAN-OS allows authenticated administrators to execute code with root privileges or delete arbitrary system files and impact the system's integrity or cause a denial of service condition. This issue affects: All versions of PAN-OS 7.1 and 8.0; PAN-OS 8.1 versions earlier than 8.1.14.

Affected

27 ranges · showing 25

| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| msrc | microsoft_net_framework_2.0_service_pack_2 | | |
| msrc | microsoft_net_framework_3.0_service_pack_2 | | |
| msrc | microsoft_net_framework_3.5 | | |
| msrc | microsoft_net_framework_3.5.1 | | |
| msrc | microsoft_net_framework_3.5_and_4.6.2_4.7_4.7.1_4.7.2 | | |
| msrc | microsoft_net_framework_3.5_and_4.6_4.6.1_4.6.2 | | |
| msrc | microsoft_net_framework_3.5_and_4.7.1_4.7.2 | | |
| msrc | microsoft_net_framework_3.5_and_4.7.2 | | |
| msrc | microsoft_net_framework_3.5_and_4.8 | | |
| msrc | microsoft_net_framework_4.5.2 | | |
| msrc | microsoft_net_framework_4.6 | | |
| msrc | microsoft_net_framework_4.6_4.6.1_4.6.2_4.7_4.7.1_4.7.2 | | |
| msrc | microsoft_net_framework_4.8 | | |
| msrc | microsoft_sharepoint_enterprise_server_2013_service_pack_1 | | |
| msrc | microsoft_sharepoint_enterprise_server_2016 | | |
| msrc | microsoft_sharepoint_server_2010_service_pack_2 | | |
| msrc | microsoft_sharepoint_server_2019 | | |
| msrc | microsoft_visual_studio_2017_version_15.9 | | |
| msrc | net_core_2.1 | | |
| msrc | net_core_3.1 | | |
| palo_alto_networks | pan-os | | |
| palo_alto_networks | pan-os | | |
| palo_alto_networks | pan-os | >= 8.1 < 8.1.14 | 8.1.14 |
| paloalto | pan-os | | |
| paloaltonetworks | pan-os | 7.1.0 – 7.1.26 | |

CVSS provenance

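| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.2 | HIGH | CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 9.0 | CRITICAL | AV:N/AC:L/Au:S/C:C/I:C/A:C |
| vendor_msrc | | 7.8 | CRITICAL | |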