Exploit for GlobalProtect CVE-2024-3400
This exploit targets the original vulnerability, so the firewall must be running a vulnerable PAN-OS version and must have telemetry enabled.
Ref: https://labs.watchtowr.com/palo-alto-putting-the-protecc-in-globalprotect-cve-2024-3400/
Sample RCE with remote connect back shell:
On remote host:
