POC详情: 3dab8eec058120dc97f4c47faabc07c41d24226c

来源
https://github.com/fr4nc1stein/CVE-2025-0108-SCAN
关联漏洞
标题: Palo Alto Networks PAN-OS 安全漏洞 (CVE-2025-0108)
描述:Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS存在安全漏洞,该漏洞源于存在认证绕过漏洞,会影响PAN-OS完整性和保密性。
描述
 Detects an authentication bypass vulnerability in Palo Alto PAN-OS (CVE-2025-0108).
介绍
# CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface

An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.

You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines.

This issue does not affect Cloud NGFW or Prisma Access software.


Reference: 

https://securityadvisories.paloaltonetworks.com/CVE-2025-0108

https://www.helpnetsecurity.com/2025/02/13/pan-os-authentication-bypass-palo-alto-networks-poc-cve-2025-0108/
文件快照

 [4.0K]  /data/pocs/3dab8eec058120dc97f4c47faabc07c41d24226c
├── [2.2K]  CVE-2025-0108-SCAN.py
└── [ 952]  README.md

0 directories, 2 files
神龙机器人已为您缓存
备注
    1. 建议优先通过来源进行访问。
    2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
    3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。