CVE-2016-3654
HIGHPalo Alto Networks PAN-OS <7.0.5H2 - Command Injection
Title source: llmDescription
The device management command line interface (CLI) in Palo Alto Networks PAN-OS before 5.0.18, 5.1.x before 5.1.11, 6.0.x before 6.0.13, 6.1.x before 6.1.10, and 7.0.x before 7.0.5H2 allows remote authenticated administrators to execute arbitrary OS commands via an SSH command parameter.
References (1)
Core 1
Core References
Various Sources x_refsource_confirm
https://security.paloaltonetworks.com/CVE-2016-3654
Scores
CVSS v3
7.2
EPSS
0.0052
EPSS Percentile
67.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
paloaltonetworks/pan-os
5.0.0 - 5.0.18
Published
Apr 12, 2016
Tracked Since
Feb 18, 2026