12 matches found
CVE-2025-4365/CVE-2024-12284: NetScaler Console/SDX Authenticated Arbitrary File Read/Write (FIXED)
During root cause analysis for the NetScaler Console vulnerability, CVE-2024-6235, Rapid7 discovered two high severity authenticated arbitrary file read and write vulnerabilities which were disclosed to the vendor in accordance with our disclosure policy. An Arbitrary File Read vulnerability...
CVE-2025-34098
The CVE-2025-34098 entry describes a path traversal vulnerability in Riverbed SteelHead VCX appliances (confirmed in VCX255U 9.6.0a) where improper input validation in the log filtering functionality exposed via the management web interface allows an authenticated attacker to submit crafted filte...
CVE-2025-0111
PAN-OS contains an authenticated file read vulnerability in the management web interface that allows a network-authenticated attacker to read files on the PAN-OS filesystem readable by the nobody user. The issue is triggered by access to the management interface; Palo Alto Networks recommends res...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. The attacker must...
CVE-2025-0111
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
Palo Alto Networks PAN-OS 10.1.x < 10.1.14-h9 / 10.2.x < 10.2.7-h24 / 11.1.x < 11.1.6-h1 / 11.2.x < 11.2.4-h4 Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is 10.1.x prior to 10.1.14-h9 or 10.2.x prior to 10.2.7-h24 or 11.1.x prior to 11.1.6-h1 or 11.2.x prior to 11.2.4-h4. It is, therefore, affected by a vulnerability. An authenticated file read vulnerability in the management web...
Palo Alto Networks PAN-OS Security Vulnerability
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A security vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of an authenticated file read vulnerability, which could allow an attacker to read specific...
GitLab Authenticated File Read
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'GitLab Authenticated File Read', 'Description' = %q GitLab version 16.0 contains a directory traversal for arbitrary file read as the gitlab-www...
PT-2022-22644 · WordPress · Xplodedthemes Wpide
Name of the Vulnerable Software and Affected Versions: XplodedThemes WPide plugin versions = 2.6 Description: The issue is an Authenticated Arbitrary File Read vulnerability. This means that an attacker with admin+ privileges can read arbitrary files. The estimated number of potentially affected...
Vulnerability fixed in SonicWall Email Security
SonicWall has fixed a vulnerability in Email Security. An authenticated malicious party can exploit the vulnerability to be able to read arbitrary files on the vulnerable system. SonicWall has released updates to fix the vulnerability in Email Security on Premise and Hosted v10.0.9. For more...
JasperReports - Authenticated File Read Vulnerability
Exploit for multiple platform in category web applications TIBCO’s JasperReports string = wrapper.getParameterValues"page" To: getResource @ DirResourceSet.java:101 file = new File/home/rhino/jasperreports...mcat/webapps/jasperserver,"/WEB-INF/jsp/modules/administer/adminImport.jsp" Due to a lack...