p1a2l3o4a5l6t7o8

## CVE-2024-3400.md

      
        
          
            
              
              1 file
            
          
          
            
              
              0 forks
            
          
          
            
              
              0 comments
            
          
          
            
              
              0 stars
            
          
        
        
          
              
          
          
            
                p1a2l3o4a5l6t7o8
                / CVE-2024-3400.md
            
            
              Last active
              July 17, 2024 17:10
            
              
                Vulnerable scripts for exploiting CVE-2024-3400 without device telemetry
              
          
        
      
        
  
      
    pan_logexport_ftp

Globbing in the tar command results in parameter injection, resulting in code execution.
$ diff ./11.2.0/usr/local/bin/pan_log_export_ftp ./11.2.1/usr/local/bin/pan_log_export_ftp
5a6
> import tarfile
125c126
<     shellCmd = "cd /opt/pancfg/mgmt/mdm/enterprise_appstore; tar -czf /opt/pancfg/mgmt/mdm/tmp/entappstore.tgz *"
---
>     shellCmd = "cd /opt/pancfg/mgmt/mdm/enterprise_appstore"