Home

Description

A command injection vulnerability in the management plane of Palo Alto Networks PAN-OS® software enables an authenticated administrator to execute arbitrary OS commands as root. The security risk posed by this issue is significantly minimized when CLI access is restricted to a limited group of administrators. This issue is applicable to PAN-OS software on PA-Series and VM-Series firewalls and on Panorama (virtual and M-Series). Cloud NGFW and Prisma Access® are not impacted by this vulnerability.

PUBLISHED Reserved 2025-11-03 | Published 2026-07-09 | Updated 2026-07-09 | Assigner palo_alto




MEDIUM: 6.0CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/AU:N/R:U/V:D/RE:M/U:Amber

Problem types

CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

Product status

Default status
unaffected

All (custom)
unaffected

Default status
unaffected

12.1.0 (custom) before 12.1.8
affected

11.2.0 (custom) before 11.2.13
affected

11.1.0 (custom) before 11.1.16
affected

10.2.0 (custom) before 10.2.18-h8
affected

Default status
unaffected

All (custom)
unaffected

Timeline

2026-07-08:Initial Publication

Credits

Curious of TRAPA Security finder

our internal security research teams finder

References

security.paloaltonetworks.com/CVE-2026-0286 vendor-advisory

cve.org (CVE-2026-0286)

nvd.nist.gov (CVE-2026-0286)

Download JSON