CVE-2016-9150

CRITICAL

Palo Alto Networks PAN-OS <7.1.6 - Buffer Overflow

Title source: llm

Description

Buffer overflow in the management web interface in Palo Alto Networks PAN-OS before 5.0.20, 5.1.x before 5.1.13, 6.0.x before 6.0.15, 6.1.x before 6.1.15, 7.0.x before 7.0.11, and 7.1.x before 7.1.6 allows remote attackers to execute arbitrary code via unspecified vectors.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Google Security Research · textdoslinux

https://www.exploit-db.com/exploits/40790

View Code ZIP pw:eip

References (4)

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/94399

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1037382

[Various Sources] https://security.paloaltonetworks.com/CVE-2016-9150

[Third Party Advisory, VDB Entry] https://www.exploit-db.com/exploits/40790/

Scores

CVSS v3 9.8

EPSS 0.6285

EPSS Percentile 98.4%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-119

Status published

Products (1)

paloaltonetworks/pan-os 5.0.0 - 5.0.20

Published Nov 19, 2016

Tracked Since Feb 18, 2026