Vulmon Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

paloaltonetworks pan-os 11.1.5 vulnerabilities and exploits

(subscribe to this query)
7.2
CVSSv3

CVE-2024-9474

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS administrator with access to the management web interface to perform actions on the firewall with root privileges. Cloud NGFW and Prisma Access are not impacted by this vulnerability.
Paloaltonetworks Pan-os -Palo Alto Networks Cloud NgfwPalo Alto Networks Pan-osPalo Alto Networks Prisma AccessPaloaltonetworks Pan-osPaloaltonetworks Pan-os 10.1.14Paloaltonetworks Pan-os 10.2.12Paloaltonetworks Pan-os 11.0.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.2.4
8.2
CVSSv4

CVE-2025-0130

A missing exception check in Palo Alto Networks PAN-OS® software with the web proxy feature enabled allows an unauthenticated malicious user to send a burst of maliciously crafted packets that causes the firewall to become unresponsive and eventually reboot. Repeated successf...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
9.8
CVSSv3

CVE-2024-0012

An authentication bypass in Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to gain PAN-OS administrator privileges to perform administrative actions, tamper with the configuration, or exploit other authen...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.2Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
6.5
CVSSv3

CVE-2025-0111

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user. You can greatly redu...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
9.1
CVSSv3

CVE-2025-0108

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While ...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
6.9
CVSSv4

CVE-2025-0109

An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web interface enables an unauthenticated attacker with network access to the management web interface to delete certain files as the “nobody” user; this includes limited logs an...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
6.8
CVSSv4

CVE-2025-0116

A Denial of Service (DoS) vulnerability in Palo Alto Networks PAN-OS software causes the firewall to unexpectedly reboot when processing a specially crafted LLDP frame sent by an unauthenticated adjacent attacker. Repeated attempts to initiate this condition causes the firewall t...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
4.8
CVSSv4

CVE-2025-0137

An improper input neutralization vulnerability in the management web interface of the Palo Alto Networks PAN-OS® software enables a malicious authenticated read-write administrator to impersonate another legitimate authenticated PAN-OS administrator. The attacker must have ne...
Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1Paloaltonetworks Pan-os 11.1.0
5.9
CVSSv4

CVE-2025-0123

A vulnerability in the Palo Alto Networks PAN-OS® software enables unlicensed administrators to view clear-text data captured using the packet capture feature https://docs.paloaltonetworks.com/pan-os/11-0/pan-os-admin/monitoring/take-packet-captures/take-a-custom-packet-captu...
Paloaltonetworks Pan-os 11.2.5Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.6Paloaltonetworks Pan-os 11.1.5Paloaltonetworks Pan-os 11.1.4Paloaltonetworks Pan-os 11.1.3Paloaltonetworks Pan-os 11.1.2Paloaltonetworks Pan-os 11.1.1
6.9
CVSSv4

CVE-2025-0133

A reflected cross-site scripting (XSS) vulnerability in the GlobalProtect™ gateway and portal features of Palo Alto Networks PAN-OS® software enables execution of malicious JavaScript in the context of an authenticated Captive Portal user's browser when they click ...
Paloaltonetworks Pan-os 11.2.7Paloaltonetworks Pan-os 11.2.6Paloaltonetworks Pan-os 11.2.5Paloaltonetworks Pan-os 11.2.4Paloaltonetworks Pan-os 11.2.3Paloaltonetworks Pan-os 11.2.2Paloaltonetworks Pan-os 11.2.1Paloaltonetworks Pan-os 11.2.0Paloaltonetworks Pan-os 11.1.10Paloaltonetworks Pan-os 11.1.9Paloaltonetworks Pan-os 11.1.8Paloaltonetworks Pan-os 11.1.6
Preferred Score:
CVSSv3
CVSSv2
CVSSv3
CVSSv4
EPSS
VMScore
Recommendations:
local file inclusionhard-codedCVE-2025-37899CVE-2025-46487CVE-2025-46474dnn.platformCVE-2025-47646school managementwordpress social login and registerreflected XSSCVE-2025-48735CVE-2025-4664zentaopms
Home
/
Search Results
Vulmon Logo Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook