CVE-2025-4615

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables an authenticated administrator to bypass system restrictions and execute arbitrary commands. The security risk posed by this issue is significantly minimized when CLI...

PT-2023-8655 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: Palo Alto Networks PAN-OS affected versions not specified Description: A cross-site scripting XSS issue in the web interface of Palo Alto Networks PAN-OS software allows a malicious authenticated read-write administrator to store a JavaScript...

The vulnerability of the web interface of the operating system PAN-OS allows a perpetrator to enhance their privileges and execute arbitrary code.

The vulnerability of the PAN-OS operating system’s web interface is related to synchronization errors when using common resources. Exploiting this vulnerability can allow a remote attacker to increase their privileges and execute arbitrary code...

CVE-2021-3058

An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator with permissions to use XML API the ability to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 8.1 versions earlier than PAN-OS 8.1.20-h1;...