161 matches found
CVE-2025-0124
CVE-2025-0124 (PAN-OS): An authenticated attacker with network access to the PAN-OS management web interface can delete certain files as the "nobody" user (logs/config files; not system files). Affected product: PAN-OS running on Cloud NGFW; not Prisma Access. Root cause: authenticated file delet...
PT-2025-16005 · Palo Alto Networks · PAN-OS
Name of the Vulnerable Software and Affected Versions: PAN-OS (affected versions not specified). Description: An improper input neutralization issue in the management web interface of the Palo Alto Networks PAN-OS software allows a malicious authenticated read-write administrator to impersonate...
PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface
An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables an authenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but does not include syste...
PAN-OS: Improper Neutralization of Input in the Management Web Interface
An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the...
Palo Alto Networks PAN-OS 10.1.x / 10.2.x / 11.0.x / 11.1.x / 11.2.x Vulnerability
The version of Palo Alto Networks PAN-OS running on the remote host is a vulnerable version of 10.1.x, 10.2.x, 11.0.x, 11.1.x, or 11.2.x. It is, therefore, affected by a vulnerability. An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS...
Exploit for Missing Authentication for Critical Function in Palo Alto Networks PAN-OS
CVE-2025-0108 PAN-OS: Authentication Bypass in the Management...
Palo Alto Networks PAN-OS Authentication Bypass Vulnerability
Palo Alto Networks PAN-OS contains an authentication bypass vulnerability in its management web interface. This vulnerability allows an unauthenticated attacker with network access to the management web interface to bypass the authentication normally required and invoke certain PHP scripts...
CVE-2025-0110
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the...
CVE-2025-0109
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but doe...
CVE-2025-0108
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...
CVE-2025-0111
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
CVE-2025-0110
CVE-2025-0110 refers to a command-injection vulnerability in Palo Alto Networks PAN-OS OpenConfig Plugin, exploitable by an authenticated administrator who can issue gNMI requests to the management web interface. The commands run as the __openconfig user (Device Administrator) on the firewall, by...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
CVE-2025-0111
PAN-OS contains an authenticated file read vulnerability in the management web interface that allows a network-authenticated attacker to read files on the PAN-OS filesystem readable by the nobody user. The issue is triggered by access to the management interface; Palo Alto Networks recommends res...
CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but doe...
CVE-2025-0109
CVE-2025-0109 describes an unauthenticated file-deletion vulnerability in the PAN-OS management web interface. An unauthenticated attacker with network access can delete certain files as the “nobody” user, including limited logs and configuration files, but not system files. The issue is confined...
CVE-2025-0108
CVE-2025-0108 affects Palo Alto Networks PAN-OS and targets the management web interface, where an unauthenticated attacker can bypass authentication and invoke certain PHP scripts. Public exploit/PoC tooling exists (GitHub repos) and activity has been observed, including reports of active exploi...