We've developed a script that verify the first bug of CVE-2017-xxxxx to verify if the device is vulnerable or not. The script creates the fake custom cookie and then verify it. If the cookie exists the device is vulnerable. We've extracted more than 6000 Palo Alto Networks Firewall devices from shodan and then we verify it. 25% of the analyzed devices are vulnerable.
Source: Gmail -> IFTTT-> Blogger
No comments:
Post a Comment