Full title: Palo Alto Networks PAN-OS Unauthenticated Remote Code Execution Exploit 
Category: remote exploits
Platform: multiple
This Metasploit module exploits two vulnerabilities in Palo Alto Networks PAN-OS that allow an unauthenticated attacker to create arbitrarily named files and execute shell commands. Configuration requirements are PAN-OS with GlobalProtect Gateway or GlobalProtect Portal enabled and telemetry collection on (default). Multiple versions are affected. Payloads may take up to one hour to execute, depending on how often the telemetry service is set to run.

# 0day.today @ http://0day.today/