Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Cloud NGFW — Vulnerabilities & Security Advisories 41

All 41 CVE vulnerabilities found in Cloud NGFW, with AI-generated Chinese analysis, references, and POCs.

Vendor: Palo Alto Networks

CVE IDTitleCVSSSeverityPublished
CVE-2026-0229 PAN-OS: Denial of Service in Advanced DNS Security Feature CWE-754 7.5AIHighAI2026-02-11
CVE-2026-0228 PAN-OS: Improper Validation of Terminal Server Agent Certificate CWE-295 7.5AIHighAI2026-02-11
CVE-2026-0227 PAN-OS: Firewall Denial of Service (DoS) in GlobalProtect Gateway and Portal CWE-754 7.5AIHighAI2026-01-15
CVE-2025-4619 PAN-OS: Firewall Denial of Service (DoS) Using Specially Crafted Packets CWE-754 7.5 -2025-11-13
CVE-2025-4615 PAN-OS: Improper Neutralization of Input in the Management Web Interface CWE-83 7.2AIHighAI2025-10-09
CVE-2025-4614 PAN-OS: Session Token Disclosure Vulnerability CWE-497 4.9AIMediumAI2025-10-09
CVE-2025-2182 PAN-OS: Firewall Clusters using the MACsec Protocol Expose the Connectivity Association Key (CAK) CWE-312 6.5AIMediumAI2025-08-13
CVE-2025-4229 PAN-OS: Traffic Information Disclosure Vulnerability CWE-497 5.3AIMediumAI2025-06-13
CVE-2025-4230 PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI CWE-78 7.2AIHighAI2025-06-12
CVE-2025-4231 PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface CWE-77 7.2AIHighAI2025-06-12
CVE-2025-0136 PAN-OS: Unencrypted Data Transfer when using AES-128-CCM on Intel-based hardware devices CWE-319 7.5AIHighAI2025-05-14
CVE-2025-0137 PAN-OS: Improper Neutralization of Input in the Management Web Interface CWE-83 7.2AIHighAI2025-05-14
CVE-2025-0133 PAN-OS: Reflected Cross-Site Scripting (XSS) Vulnerability in GlobalProtect Gateway and Portal CWE-79 6.1AIMediumAI2025-05-14
CVE-2025-0130 PAN-OS: Firewall Denial-of-Service (DoS) in the Web-Proxy Feature via a Burst of Maliciously Crafted Packets CWE-754 7.5AIHighAI2025-05-14
CVE-2025-0123 PAN-OS: Information Disclosure Vulnerability in HTTP/2 Packet Captures CWE-312 4.9AIMediumAI2025-04-11
CVE-2025-0128 PAN-OS: Firewall Denial of Service (DoS) Using a Specially Crafted Packet CWE-754 7.5AIHighAI2025-04-11
CVE-2025-0127 PAN-OS: Authenticated Admin Command Injection Vulnerability in PAN-OS VM-Series CWE-78 7.2AIHighAI2025-04-11
CVE-2025-0126 PAN-OS: Session Fixation Vulnerability in GlobalProtect SAML Login CWE-384 8.8AIHighAI2025-04-11
CVE-2025-0125 PAN-OS: Improper Neutralization of Input in the Management Web Interface CWE-83 7.2AIHighAI2025-04-11
CVE-2025-0124 PAN-OS: Authenticated File Deletion Vulnerability on the Management Web Interface CWE-73 7.1AIHighAI2025-04-11
CVE-2025-0111 PAN-OS: Authenticated File Read Vulnerability in the Management Web Interface CWE-73 6.5 -2025-02-12
CVE-2025-0109 PAN-OS: Unauthenticated File Deletion Vulnerability on the Management Web Interface CWE-73 9.1 -2025-02-12
CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface CWE-306 9.8 -2025-02-12
CVE-2025-0107 Expedition: OS Command Injection Vulnerability CWE-78 10.0 -2025-01-11
CVE-2025-0106 Expedition: Wildcard Expansion Vulnerability CWE-155 5.8 -2025-01-11
CVE-2025-0105 Expedition: Arbitrary File Deletion Vulnerability CWE-73 10.0 -2025-01-11
CVE-2025-0104 Expedition: Cross-Site Scripting (XSS) Vulnerability CWE-79 6.1 -2025-01-11
CVE-2025-0103 Expedition: SQL Injection Vulnerability CWE-89 8.1 -2025-01-11
CVE-2024-3393 PAN-OS: Firewall Denial of Service (DoS) in DNS Security Using a Specially Crafted Packet CWE-754 7.5 -2024-12-27
CVE-2024-9474 PAN-OS: Privilege Escalation (PE) Vulnerability in the Web Management Interface CWE-78 7.2AIHighAI2024-11-18

All 41 known CVE vulnerabilities affecting Cloud NGFW with full Chinese analysis, references, and POCs where available.