CVE-2026-0300

This repository contains a functional Python-based proof-of-concept exploit for CVE-2026-0300, a buffer overflow vulnerability in Palo Alto Networks PAN-OS User-ID Authentication Portal. The exploit demonstrates remote code execution by sending a crafted POST request to overflow a fixed-size buffer, potentially allowing control over the instruction pointer.

This repository contains a functional Python-based exploit for CVE-2026-0300, a critical buffer overflow vulnerability in Palo Alto Networks PAN-OS User-ID™ Authentication Portal. The exploit leverages a crafted POST request to trigger an out-of-bounds write, leading to remote code execution via a reverse shell payload.

This repository contains a functional honeypot for CVE-2026-0300, designed to emulate the PAN-OS User-ID Authentication Portal vulnerability. The honeypot script (`pan_userid_honeypot.py`) is deployed via an installer script that sets up a Python-based service to monitor and log exploitation attempts on ports 6080/6081/6082.

This repository contains a non-destructive exposure survey tool for CVE-2026-0300, which is a buffer overflow vulnerability in Palo Alto Networks PAN-OS User-ID Authentication Portal. The tool checks for network and HTTP(S) reachability, portal-related paths, and basic response fingerprints to assess exposure without exploiting the vulnerability.

The repository contains a functional Python-based proof-of-concept exploit for CVE-2026-0300, targeting an unauthenticated remote code execution vulnerability in Palo Alto Networks PAN-OS User-ID Portal. The exploit crafts a malicious HTTP POST request with a buffer overflow payload to achieve RCE.

This repository provides read-only audit tooling for CVE-2026-0300, an unauthenticated buffer overflow in the PAN-OS User-ID Authentication Portal. The scripts query the PAN-OS XML API to detect configurations vulnerable to the CVE but do not exploit it.

The repository contains a Python script that scans for exposed Palo Alto PAN-OS Captive Portal endpoints vulnerable to CVE-2026-0300, a critical buffer overflow vulnerability. It checks multiple paths and reports if any are accessible, but does not include exploit code.