CVSSv4: 8.8 |
CVSSv3: NA |
CVSSv2: NA |
VMScore: 980 |
EPSS: 0.93453 |
KEV: Exploitation Reported
Published: 12/02/2025 Updated: 12/02/2025
Vulnerability Summary
Authentication Bypass in Palo Alto Networks PAN-OS Management Web Interface
An authentication bypass vulnerability exists in Palo Alto Networks PAN-OS software that allows an unauthenticated attacker with network access to the management web interface to bypass normal authentication requirements. By invoking specific PHP scripts, an attacker can potentially compromise the integrity and confidentiality of the PAN-OS system, though remote code execution is not possible. Palo Alto Networks recommends reducing risk by restricting management web interface access to trusted internal IP addresses according to their deployment best practices. This vulnerability specifically impacts PAN-OS software and does not affect Cloud NGFW or Prisma Access.
Solution
| Version | Minor Version | Suggested Solution |
|---|---|---|
| PAN-OS 10.1 | 10.1.0 through 10.1.14 | Upgrade to 10.1.14-h9 or later |
| PAN-OS 10.2 | 10.2.0 through 10.2.13 | Upgrade to 10.2.13-h3 or later |
| PAN-OS 11.0 (EoL) | | Upgrade to a supported fixed version |
| PAN-OS 11.1 | 11.1.0 through 11.1.6 | Upgrade to 11.1.6-h1 or later |
| PAN-OS 11.2 | 11.2.0 through 11.2.4 | Upgrade to 11.2.4-h4 or later |

Note: PAN-OS 11.0 reached end of life (EoL) on November 17, 2024. No additional fixes are planned for this release.
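The Solution table above can be applied to a device inventory as a version check. The following is an added example, not code from Palo Alto Networks or from any repository listed on this page; the function names and the version-string format (major.minor.patch with an optional -hN hotfix suffix, as the table writes it) are assumptions.

```python
import re

# Fixed releases per branch as (patch, hotfix), copied from the Solution table.
# None marks a branch with no fix planned (PAN-OS 11.0 is end of life).
FIXED = {
    (10, 1): (14, 9),
    (10, 2): (13, 3),
    (11, 0): None,
    (11, 1): (6, 1),
    (11, 2): (4, 4),
}

# Assumed version format: major.minor.patch with an optional -hN hotfix suffix.
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, patch, hotfix); hotfix is 0 when absent."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    major, minor, patch, hotfix = m.groups()
    return int(major), int(minor), int(patch), int(hotfix or 0)


def assess(text):
    """Classify one version string against the Solution table."""
    major, minor, patch, hotfix = parse_version(text)
    branch = (major, minor)
    if branch not in FIXED:
        # The table says nothing about this branch; that is not "unaffected".
        return "not-listed"
    fixed = FIXED[branch]
    if fixed is None:
        return "eol-no-fix"  # move to a supported fixed version
    # Tuple comparison orders 10.2.13 < 10.2.13-h3 < 10.2.14.
    return "fixed" if (patch, hotfix) >= fixed else "upgrade"


if __name__ == "__main__":
    # Constructed inventory, not real devices.
    for host, version in [("fw-a", "10.2.13-h2"), ("fw-b", "11.1.6-h1"),
                          ("fw-c", "11.0.4"), ("fw-d", "10.1.14-h9")]:
        print(host, version, assess(version))
```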
This tool tests whether a target PAN-OS device is vulnerable to the CVE-2025-0108 authentication bypass vulnerability. It sends a crafted HTTP request to the target and analyzes the response to determine if the device is exploitable.
Usage
Single IP
python auth_bypass_cve_2025_0108.py -u target-url.com
Multiple IPs
python auth_byp
This repository contains a Proof of Concept (PoC) for the **CVE-2025-0108** vulnerability, which is an **authentication bypass** issue in Palo Alto Networks' PAN-OS software. The scripts provided here test for the vulnerability by sending a crafted HTTP request to the target systems.
CVE-2025-0108 Detection Template 🔍
Nuclei template for Palo Alto PAN-OS Authentication Bypass (CVE-2025-0108)
📜 Overview
A detection template for an authentication bypass vulnerability in Palo Alto PAN-OS management interface that allows unauthorized access via crafted path traversal requests.
CVSS 4.0: 8.8 (Base) / 7.8 (Threat)
Severity: High 🔥
Exploitation Status: No
IOC LIST
This repository publishes dynamic IOC (Indicators of Compromise) lists containing malicious IP addresses for use in firewalls to automatically detect and block IPs associated with malicious activities and vulnerabilities.
Repository Function
Collection and Updates: Gather and maintain up-to-date lists of malicious IP addresses
Security Integration: Provide dynamic li
CISA flags Craft CMS code injection flaw as exploited in attacks
By Bill Toulas, February 21, 2025, 10:57 AM
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high severity (CVSS v3 score: 8.0) code injection (RCE) vulnerability impacting Craft CMS versions 4 and 5. Craft CMS is a content management system (CMS) used for building websites and cust...

Palo Alto Networks tags new firewall bug as exploited in attacks
By Bill Toulas, February 19, 2025, 10:38 AM
Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach PAN-OS firewalls in active attacks. The vendor first disclosed the authentication bypass vulnerability tracked as CVE-2025-0108 on February 12, 2025, releasing patches to fix the vulnerability. That same day, Assetnote re...

Hackers exploit authentication bypass in Palo Alto Networks PAN-OS
By Bill Toulas, February 14, 2025, 04:20 PM
Hackers are launching attacks against Palo Alto Networks PAN-OS firewalls by exploiting a recently fixed vulnerability (CVE-2025-0108) that allows bypassing authentication. The security issue received a high-severity score and impacts the PAN-OS management web interface and allows an unauthenticated attacker on the network to bypass authentication and invoke certain PHP script...

If you want to avoid urgent patches, stop exposing management consoles to the public internet
A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems. This story starts with CVE-2024-9474, a 6.9-rated privilege escalation vulnerability in Palo Alto Networks PAN-OS software that allowed an OS administrator with access to the management web interface to perform actions on the firewall with root privileges. The company patched it in November 2024. Dark web intelligenc...