Back to KEVs

CVE-2025-0108

PAN-OS: Authentication Bypass in the Management Web Interface

Basic Information

CVE State: PUBLISHED
Reserved Date: December 20, 2024
Published Date: February 12, 2025
Last Updated: April 03, 2025
Vendor: Palo Alto Networks
Product: Cloud NGFW, PAN-OS, Prisma Access
Description: An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 . This issue does not affect Cloud NGFW or Prisma Access software.

CVSS Scores

CVSS v4.0

8.8 - HIGH

Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Red

SSVC Information

Exploitation: active
Automatable: Yes
Technical Impact: partial

Exploit Status

Exploited in the Wild: Yes (added 2025-02-18 00:00:00 UTC) Source
Proof of Concept Available: Yes (added 2025-02-13 06:39:25 UTC) Source

References

https://security.paloaltonetworks.com/CVE-2025-0108

Known Exploited Vulnerability Information

Source	Added Date
CISA	2025-02-18 00:00:00 UTC

Scanner Integrations

Scanner	URL	Date Detected
Nuclei	https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2025/CVE-2025-0108.yaml	2025-04-26 00:00:00 UTC

Potential Proof of Concepts

Warning: These PoCs have not been tested and could contain malware. Use at your own risk.

becrevex/CVE-2025-0108

Type: github • Created: 2025-02-19 16:57:58 UTC • Stars: 0

NSE script that checks for CVE-2025-0108 vulnerability in Palo Alto Networks PAN-OS

sohaibeb/CVE-2025-0108

Type: github • Created: 2025-02-19 16:00:04 UTC • Stars: 1

PAN-OS CVE POC SCRIPT

barcrange/CVE-2025-0108-Authentication-Bypass-checker

Type: github • Created: 2025-02-19 06:19:33 UTC • Stars: 0

fr4nc1stein/CVE-2025-0108-SCAN

Type: github • Created: 2025-02-18 21:04:45 UTC • Stars: 2

Detects an authentication bypass vulnerability in Palo Alto PAN-OS (CVE-2025-0108).

FOLKS-iwd/CVE-2025-0108-PoC

Type: github • Created: 2025-02-14 13:22:37 UTC • Stars: 7

This repository contains a Proof of Concept (PoC) for the **CVE-2025-0108** vulnerability, which is an **authentication bypass** issue in Palo Alto Networks' PAN-OS software. The scripts provided here test for the vulnerability by sending a crafted HTTP request to the target systems.

iSee857/CVE-2025-0108-PoC

Type: github • Created: 2025-02-13 06:39:25 UTC • Stars: 26

Palo Alto Networks PAN-OS 身份验证绕过漏洞批量检测脚本(CVE-2025-0108)