A file read vulnerability exists in Palo Alto Networks PAN-OS software that allows an authenticated attacker with management web interface access to read files on the PAN-OS filesystem that can be accessed by the "nobody" user. Administrators can mitigate this risk by following Palo Alto Networks' recommended best practices, which involve restricting management web interface access to trusted internal IP addresses. The vulnerability specifically does not impact Cloud NGFW or Prisma Access software.
Solution
Version            Minor Version             Suggested Solution
PAN-OS 10.1        10.1.0 through 10.1.14    Upgrade to 10.1.14-h9 or later
PAN-OS 10.2        10.2.0 through 10.2.13    Upgrade to 10.2.13-h3 or later
PAN-OS 11.0 (EoL)                            Upgrade to a supported fixed version
PAN-OS 11.1        11.1.0 through 11.1.6     Upgrade to 11.1.6-h1 or later
PAN-OS 11.2        11.2.0 through 11.2.4     Upgrade to 11.2.4-h4 or later

Note: PAN-OS 11.0 reached end of life (EoL) on November 17, 2024. No additional fixes are planned for this release.
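To turn the solution table above into a fleet check, the following helper (an added example, not Palo Alto Networks' code) parses PAN-OS version strings and classifies a running version as fixed, vulnerable, end of life, or not covered by the table. It assumes the usual PAN-OS version convention major.minor.maintenance[-hN], where a base release with no hotfix suffix sorts before -h1.

```python
import re
from typing import Tuple

# Fixed releases from the advisory's solution table, keyed by major.minor train.
# PAN-OS 11.0 is end of life and has no fixed release in its own train.
FIXED_RELEASES = {
    (10, 1): "10.1.14-h9",
    (10, 2): "10.2.13-h3",
    (11, 1): "11.1.6-h1",
    (11, 2): "11.2.4-h4",
}
EOL_TRAINS = {(11, 0)}

VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(version: str) -> Tuple[int, int, int, int]:
    """Parse 'major.minor.maint[-hN]' into a sortable tuple.

    Assumption (standard PAN-OS convention): a release without a hotfix
    suffix is hotfix 0, so 10.1.14 < 10.1.14-h1 < 10.1.14-h9.
    """
    m = VERSION_RE.match(version.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version string: {version!r}")
    major, minor, maint, hotfix = m.groups()
    return (int(major), int(minor), int(maint), int(hotfix or 0))


def fix_status(version: str) -> str:
    """Classify a running version against the advisory's solution table.

    Returns 'fixed', 'vulnerable', 'eol' or 'unlisted'. 'unlisted' means the
    train is not in the table; check the vendor advisory rather than assume.
    """
    v = parse_version(version)
    train = (v[0], v[1])
    if train in EOL_TRAINS:
        return "eol"
    fixed = FIXED_RELEASES.get(train)
    if fixed is None:
        return "unlisted"
    return "fixed" if v >= parse_version(fixed) else "vulnerable"


if __name__ == "__main__":
    # Constructed sample inventory, not real device data.
    for ver in ["10.1.14", "10.1.14-h9", "10.2.13-h2", "11.0.4", "11.2.5", "12.1.0"]:
        print(f"{ver:12} -> {fix_status(ver)}")
```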
CISA flags Craft CMS code injection flaw as exploited in attacks
By Bill Toulas, February 21, 2025 10:57 AM
The U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. The flaw is tracked as CVE-2025-23209 and is a high severity (CVSS v3 score: 8.0) code injection (RCE) vulnerability impacting Craft CMS versions 4 and 5. Craft CMS is a content management system (CMS) used for building websites and cust...
Palo Alto Networks tags new firewall bug as exploited in attacks
By Bill Toulas, February 19, 2025 10:38 AM
Palo Alto Networks warns that a file read vulnerability (CVE-2025-0111) is now being chained in attacks with two other flaws (CVE-2025-0108 with CVE-2024-9474) to breach PAN-OS firewalls in active attacks. The vendor first disclosed the authentication bypass vulnerability tracked as CVE-2025-0108 on February 12, 2025, releasing patches to fix the vulnerability. That same day, Assetnote re...
If you want to avoid urgent patches, stop exposing management consoles to the public internet
A flaw patched last week by Palo Alto Networks is now under active attack and, when chained with two older vulnerabilities, allows attackers to gain root access to affected systems. This story starts with CVE-2024-9474, a 6.9-rated privilege escalation vulnerability in Palo Alto Networks PAN-OS software that allowed an OS administrator with access to the management web interface to perform actions on the firewall with root privileges. The company patched it in November 2024. Dark web intelligenc...