• Creation
  • Validation
  • Communication & fix
  • Disclosure

huawei.com / Palo Alto (Global-network) instance is outdated

zythop reported 2021-11-18

The following Palo Alto (Global-network) is publicly accessible and looks out-dated : https://122.112.216.58/global-protect/login.esp

It is critical to update to a safe version as soon as possible since multiple CVEs could allow remote attackers to DoS or achieve RCE (Remote code execution) on the device.

Reference:

IP:
122.112.216.58
Port:
443
Detected protocol:
https
Found PAN-OS web frontend
Last update: 4/2020
Version: 7.1.26
Affected by CVE-2020-2034
Found by PaloAltoPlugin 2021-11-18
IP:
122.112.216.58
Port:
443
Detected protocol:
https
Found PAN-OS web frontend
Last update: 4/2020
Version: 7.1.26
Affected by CVE-2020-2034
Found by PaloAltoPlugin 2021-11-22
IP:
122.112.216.58
Port:
443
Detected protocol:
https
Found PAN-OS web frontend
Last update: 4/2020
Version: 7.1.26
Affected by CVE-2020-2034
Found by PaloAltoPlugin 2021-11-24
Report created by zythop  2021-11-18
Report approved by BloodyShell  2021-11-18
New PDF report generated by system 2021-11-18
Report dispatched to ...@... by system 2021-11-18
system commented 2021-11-19: approved shows in report

Email from: PSIRT@huawei.com

Dear,

We highly appreciate your concern about the security problems of Huawei products.

We will analyze this security problem and give our response as soon as possible.

To protect all affected customers, we hope you would not disclose the details of the security problem before the analysis is completed.

If you have any disclosure plan, please let us know in advance, Thanks.

Best Regards,

Huawei PSIRT

发件人: 01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net [mailto:01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net]
发送时间: 2021年11月18日 20:28
收件人: psirt@huawei.com
主题: Security issue detected for huawei.com : Palo Alto (Global-network) instance is outdated

Dear huawei.com,

Security researcher zythop has identified a security issue in your infrastructure through our prevention platform.
The issue has been confirmed by our team and its priority is critical.

Please use this email address ( 01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net <mailto:01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net>  ) for further communications with the involved parties.

This report has been dispatched to [psirt@huawei.com]

Report ID

01d561fd-4bbe-40b1-9b4e-0e64d5095702 <https://leakix.net/reports/01d561fd-4bbe-40b1-9b4e-0e64d5095702?key=l5Zo4O9gVDnRzEZmNfKnUYWE>

Owner

huawei.com

Title

Palo Alto (Global-network) instance is outdated

Researcher report

The following Palo Alto (Global-network) is publicly accessible and looks out-dated : https://122.112.216.58/global-protect/login.esp

It is critical to update to a safe version as soon as possible since multiple CVEs could allow remote attackers to DoS or achieve RCE (Remote code execution) on the device.

Reference:

*	https://security.paloaltonetworks.com/CVE-2020-2034

Related events

Host

Port

Source

Country

Priority

Infected

Leak rows

Leak size

122.112.216.58

443

PaloAltoPlugin

China

high

false

0 rows

0 B

Report timeline

Report created by zythop on Thu, 18 Nov 2021 09:41:56 UTC

Report approved by BloodyShell on Thu, 18 Nov 2021 12:27:35 UTC

New PDF report generated by system on Thu, 18 Nov 2021 12:27:36 UTC

This is a free prevention report and not a sales attempt.
While we do encourage rewarding researchers, we do not promote any kind of ransom or extortion scheme.
Should a researcher require money from you, let us know at fraud@leakix.net, we'll take
the appropriate actions and provide you guidance in the next steps.

LeakIX prevention team
support@leakix.net <mailto:support@leakix.net>
https://leakix.net/

Report comment dispatched to BloodyShell by system 2021-11-19
Report comment dispatched to iampritam by system 2021-11-19
Report comment dispatched to fokoil by system 2021-11-19
Report comment dispatched to thLambda by system 2021-11-19
system commented 2021-11-26: approved shows in report

bip! I'm a LeakIX probe.

This issue looks like it has been resolved!

New PDF report generated by system 2021-11-26
Report comment dispatched to zythop by system 2021-11-26
Report comment dispatched to psirt@huawei.com by system 2021-11-26
BloodyShell commented 2021-11-30: approved shows in report

Server hasn't replied in 4 days, closing

New PDF report generated by system 2021-11-30
Report comment dispatched to zythop by system 2021-11-30
Report comment dispatched to psirt@huawei.com by system 2021-11-30
Report marked as fixed by BloodyShell  2021-11-30
Report closed by BloodyShell  2021-11-30
New PDF report generated by system 2021-11-30
system commented 2021-12-01: approved shows in report

Email from: PSIRT@huawei.com

Dear LeakIX prevention team,

We highly appreciate your concern about the security problems of Huawei products.

The business department has fixed the problem.

If you find any other serious problems, please feel free to contact us.

Best Regards,

Huawei PSIRT

发件人: Huawei PSIRT [mailto:PSIRT@huawei.com]
发送时间: 2021年11月19日 14:19
收件人: '01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net' <01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net>
抄送: Huawei PSIRT <PSIRT@huawei.com>; Yinhailong <yinhailong09@huawei.com>
主题: re: Security issue detected for huawei.com : Palo Alto (Global-network) instance is outdated

Dear,

We highly appreciate your concern about the security problems of Huawei products.

We will analyze this security problem and give our response as soon as possible.

To protect all affected customers, we hope you would not disclose the details of the security problem before the analysis is completed.

If you have any disclosure plan, please let us know in advance, Thanks.

Best Regards,

Huawei PSIRT

发件人: 01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net [mailto:01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net]
发送时间: 2021年11月18日 20:28
收件人: psirt@huawei.com
主题: Security issue detected for huawei.com : Palo Alto (Global-network) instance is outdated

Dear huawei.com,

Security researcher zythop has identified a security issue in your infrastructure through our prevention platform.
The issue has been confirmed by our team and its priority is critical.

Please use this email address ( 01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net <mailto:01d561fd-4bbe-40b1-9b4e-0e64d5095702+<redacted>@reports.leakix.net>  ) for further communications with the involved parties.

This report has been dispatched to [psirt@huawei.com]

Report ID

01d561fd-4bbe-40b1-9b4e-0e64d5095702 <https://leakix.net/reports/01d561fd-4bbe-40b1-9b4e-0e64d5095702?key=l5Zo4O9gVDnRzEZmNfKnUYWE>

Owner

huawei.com

Title

Palo Alto (Global-network) instance is outdated

Researcher report

The following Palo Alto (Global-network) is publicly accessible and looks out-dated : https://122.112.216.58/global-protect/login.esp

It is critical to update to a safe version as soon as possible since multiple CVEs could allow remote attackers to DoS or achieve RCE (Remote code execution) on the device.

Reference:

*	https://security.paloaltonetworks.com/CVE-2020-2034

Related events

Host

Port

Source

Country

Priority

Infected

Leak rows

Leak size

122.112.216.58

443

PaloAltoPlugin

China

high

false

0 rows

0 B

Report timeline

Report created by zythop on Thu, 18 Nov 2021 09:41:56 UTC

Report approved by BloodyShell on Thu, 18 Nov 2021 12:27:35 UTC

New PDF report generated by system on Thu, 18 Nov 2021 12:27:36 UTC

This is a free prevention report and not a sales attempt.
While we do encourage rewarding researchers, we do not promote any kind of ransom or extortion scheme.
Should a researcher require money from you, let us know at fraud@leakix.net <mailto:fraud@leakix.net> , we'll take
the appropriate actions and provide you guidance in the next steps.

LeakIX prevention team
support@leakix.net <mailto:support@leakix.net>
https://leakix.net/

Report edited by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Report comment 0601cc approved by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Report comment dispatched to zythop by system 2021-12-01
Report comment dispatched to tmp@leakix.net by system 2021-12-01
Report comment 6cd0da approved by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Report comment dispatched to zythop by system 2021-12-01
Report comment dispatched to tmp@leakix.net by system 2021-12-01
Report edited by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Report edited by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Report edited by BloodyShell  2021-12-01
New PDF report generated by system 2021-12-01
Information
Owner huawei.com
Created 2021-11-18 09:41
Updated 2021-12-01 14:03
Fixed true

Contacts
p...@huawei.com

Status
Status closed
Hosting contacted false
CERT contacted false

Download report