32 matches found
EUVD-2020-22034
Malware in sbrugna...
EUVD-2020-22043
Malware in sbrugna...
EUVD-2020-22057
Malware in sbrugna...
EUVD-2020-22063
Malware in sbrugna...
EUVD-2020-12780
Malware in sbrugna...
CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login
When configured using SAML, a session fixation vulnerability in the GlobalProtect™ login enables an attacker to impersonate a legitimate authorized user and perform actions as that GlobalProtect user. This requires the legitimate user to first click on a malicious link provided by the attacker. T...
About Authentication Bypass – PAN-OS (CVE-2025-0108) vulnerability
About Authentication Bypass - PAN-OS CVE-2025-0108 vulnerability. PAN-OS is the operating system used in all Palo Alto Network NGFWs. This vulnerability allows an unauthenticated attacker to gain access to the PAN-OS management web interface. The attacker can then "invoke certain PHP scripts",...
CVE-2025-0109
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but doe...
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface
An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...
CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PH...
PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface
An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but doe...
CVE-2024-0008
Web sessions in the management interface in Palo Alto Networks PAN-OS software do not expire in certain situations, making it susceptible to unauthorized access...
PAN-OS 10.0 - Remote Code Execution (RCE) (Authenticated)
Exploit Title: PAN-OS 10.0 - Remote Code Execution RCE Authenticated Date: 2022-08-13 Exploit Author: UnD3sc0n0c1d0 Software Link: https://security.paloaltonetworks.com/CVE-2020-2038 Category: Web Application Version: 10.0.1, 9.1.4 and 9.0.10 Tested on: PAN-OS 10.0 - Parrot OS CVE : CVE-2020-2038...
CVE-2020-2042
A buffer overflow vulnerability in the PAN-OS management web interface allows authenticated administrators to disrupt system processes and potentially execute arbitrary code with root privileges. This issue impacts only PAN-OS 10.0 versions earlier than PAN-OS 10.0.1...
CVE-2020-2036
A reflected cross-site scripting XSS vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could...
CVE-2020-2036
A reflected cross-site scripting XSS vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could...
CVE-2020-2036 PAN-OS: Reflected Cross-Site Scripting (XSS) vulnerability in management web interface
A reflected cross-site scripting XSS vulnerability exists in the PAN-OS management web interface. A remote attacker able to convince an administrator with an active authenticated session on the firewall management interface to click on a crafted link to that management web interface could...
PT-2020-15262 · Palo Alto Networks · Pan-Os
Name of the Vulnerable Software and Affected Versions: PAN-OS versions prior to 9.0.10 PAN-OS versions prior to 9.1.4 PAN-OS versions prior to 10.0.1 Description: The issue is an OS Command Injection vulnerability in the management interface, allowing authenticated administrators to execute...
CVE-2020-2037
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.16; PAN-OS 9.0 versions earlier than PAN-OS 9.0.10; PAN-OS 9.1...
CVE-2020-2030
An OS Command Injection vulnerability in the PAN-OS management interface that allows authenticated administrators to execute arbitrary OS commands with root privileges. This issue impacts PAN-OS 8.1 versions earlier than PAN-OS 8.1.15; and all versions of PAN-OS 7.1 and PAN-OS 8.0. This issue doe...