Lucene search
K

6 matches found

NVD
NVD
added yesterday6 views

CVE-2026-0285

A server-side request forgery SSRF vulnerability in Palo Alto Networks PAN-OS software enables an authenticated administrator with network access to the management web interface to make unauthorized requests from the firewall to internal services. The security risk posed by this issue is minimize...

7CVSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/16 7:7 p.m.19 views

CVE-2025-0137

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have network access to the...

4.8CVSS6.7AI score0.00344EPSS
Exploits0References3
Palo Alto Networks
Palo Alto Networks
added 2025/02/12 5:0 p.m.31 views

PAN-OS OpenConfig Plugin: Command Injection Vulnerability in OpenConfig Plugin

A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the...

7.5CVSS7.4AI score0.01238EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2025/02/12 5:0 p.m.23 views

PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface

An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs and configuration files but doe...

2.1CVSS6.8AI score0.00582EPSS
Exploits0References1
Palo Alto Networks
Palo Alto Networks
added 2025/02/12 5:0 p.m.17 views

PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface

An authenticated file read vulnerability in the management web interface of the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. The attacker must...

5.9CVSS6.5AI score0.98338EPSS
Exploits22References1
ATTACKERKB
ATTACKERKB
added 2025/02/12 12:0 a.m.18 views

CVE-2025-0111

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly reduce the risk of this issue by...

7.1CVSS6.3AI score0.01862EPSS
In wildExploits0References2
Rows per page
Query Builder