JavaScript seems to be disabled in your browser. For the best experience on our site, be sure to turn on Javascript in your browser.

Home
Blogs
firewalls

firewalls

PAN-OS Captive Portal Zero-Day (CVE-2026-0300) Enables Unauthenticated Root RCE on Firewalls

Posted: May 07, 2026

Categories: Data Breach, firewall

Tags: zero-day exploit, vulnerability, remote code execution, firewalls

Author: Npav Lab

Views: 2

A critical PAN-OS vulnerability (CVE-2026-0300) in the User-ID Captive Portal allows unauthenticated remote code execution with root privileges. Limited exploitation has been linked to state-sponsored activity involving log tampering, Active Directory enumeration, and deployment of tunneling tools like EarthWorm and ReverseSocks5.

Read more

↑

Back to Top