Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1336 CNY

100%

CVE-2026-0286— PAN-OS: Authenticated Command Injection in CLI

AI Predicted 8.1 Difficulty: Easy EPSS 1.10% · P62

Affected Version Matrix 6

VendorProductVersion RangeStatus
Palo Alto NetworksCloud NGFWAllunaffected
Palo Alto NetworksPAN-OS12.1.0< 12.1.8affected
11.2.0< 11.2.13affected
11.1.0< 11.1.16affected
10.2.0< 10.2.18-h8affected
Palo Alto NetworksPrisma AccessAllunaffected
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2026-0286

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
PAN-OS: Authenticated Command Injection in CLI
Source: NVD (National Vulnerability Database)
Vulnerability Description
A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Source: NVD (National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
Palo Alto NetworksCloud NGFW--
Palo Alto NetworksPAN-OS 12.1.0 ~ 12.1.8 cpe:2.3:o:palo_alto_networks:pan-os:12.1.7:-:*:*:*:*:*:*
Palo Alto NetworksPrisma Access--

II. Public POCs for CVE-2026-0286

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2026-0286

登录查看更多情报信息。

Vendor Advisories for CVE-2026-0286 (1)

Same Patch Batch · Palo Alto Networks · 2026-07-09 · 13 CVEs total

CVE-2026-0275Prisma Browser: Local Privilege Escalation on macOS
CVE-2026-0276Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability
CVE-2026-0277Prisma Access Agent: Improper Certificate Validation on iOS
CVE-2026-0278Prisma Access Agent: Multiple DLP Policy Bypass Vulnerabilities on Windows
CVE-2026-0279PAN-OS: Multiple Cross-Site Scripting (XSS) Vulnerabilities
CVE-2026-0280PAN-OS: IPv6 Firewall Policy Bypass
CVE-2026-0281PAN-OS: Information Disclosure Vulnerability in Management Web Interface
CVE-2026-0282PAN-OS: File Deletion Vulnerability in Management Web Interface
CVE-2026-0283PAN-OS: Authentication Bypass Vulnerability in Large Scale VPN (LSVPN)
CVE-2026-0284PAN-OS: XML Injection Vulnerability in Large Scale VPN (LSVPN)
CVE-2026-0285PAN-OS: Server-Side Request Forgery Vulnerability in Management Web Interface
CVE-2026-0287PAN-OS: Denial of Service Vulnerabilities in Network Traffic Processing

IV. Related Vulnerabilities

V. Comments for CVE-2026-0286

No comments yet


Leave a comment