Main Vulnerability Database Exploits ID:11155 - Exploit for Missing Authentication for Critical Function in Palo Alto PAN-OS - CVE-2025-0108

ID:11155 - Exploit for Missing Authentication for Critical Function in Palo Alto PAN-OS - CVE-2025-0108

Published: February 21, 2025

Vulnerability identifier: #VU103926

Vulnerability risk: High

CVE-ID: CVE-2025-0108

CWE-ID: CWE-306

Exploitation vector: Remote access

Vulnerable software:
Palo Alto PAN-OS

Link to public exploit:

https://github.com/barcrange/CVE-2025-0108-Authentication-Bypass-checker

Vulnerability description

The vulnerability allows a remote attacker to gain unauthorized access to the system.

The vulnerability exists due to missing authorization in web management interface. A remote non-authenticated attacker can request directly certain PHP scripts to bypass authentication process and gain unauthorized access to the system.

Remediation

Install updates from vendor's website.

ID:11155 - Exploit for Missing Authentication for Critical Function in Palo Alto PAN-OS - CVE-2025-0108

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human