Command Injection Vulnerability in Palo Alto Networks PAN-OS Software
CVE-2026-0286
6MEDIUM
What is CVE-2026-0286?
A command injection vulnerability exists in the management plane of Palo Alto Networks PAN-OS software, allowing an authenticated administrator to execute arbitrary operating system commands with root privileges. This poses a significant security risk, particularly if command-line interface (CLI) access is not properly restricted. Administrators are advised to limit CLI access to a select group to mitigate potential exploits. This vulnerability is specific to PAN-OS on PA-Series and VM-Series firewalls as well as Panorama, while Cloud NGFW and Prisma Access services remain unaffected.
Affected Version(s)
PAN-OS 12.1.0 < 12.1.8
PAN-OS 11.2.0 < 11.2.13
PAN-OS 11.1.0 < 11.1.16
References
CVSS V4
Score:
6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 👾
Exploit known to exist
Vulnerability published
Vulnerability Reserved
Credit
Curious of TRAPA Security
our internal security research teams