关联漏洞
标题:
PAN-OS:管理Web界面身份验证绕过漏洞
(CVE-2025-0108)
描述:在 Palo Alto Networks 的 PAN-OS 软件中存在一个认证绕过漏洞,使得具有访问管理 Web 界面网络权限的未认证攻击者能够绕过 PAN-OS 管理 Web 界面所需的认证,并调用某些 PHP 脚本。尽管调用这些 PHP 脚本不会导致远程代码执行,但它可能对 PAN-OS 的完整性和保密性造成负面影响。
根据我们的推荐最佳实践部署指南(https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431),通过仅将访问管理 Web 界面的权限限制给受信任的内部 IP 地址,可以大大降低该问题的风险。
此问题不影响 Cloud NGFW 或 Prisma Access 软件。
描述
Detects an authentication bypass vulnerability in Palo Alto PAN-OS (CVE-2025-0108).
介绍
# CVE-2025-0108 PAN-OS: Authentication Bypass in the Management Web Interface
An authentication bypass in the Palo Alto Networks PAN-OS software enables an unauthenticated attacker with network access to the management web interface to bypass the authentication otherwise required by the PAN-OS management web interface and invoke certain PHP scripts. While invoking these PHP scripts does not enable remote code execution, it can negatively impact integrity and confidentiality of PAN-OS.
You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines.
This issue does not affect Cloud NGFW or Prisma Access software.
Reference:
https://securityadvisories.paloaltonetworks.com/CVE-2025-0108
https://www.helpnetsecurity.com/2025/02/13/pan-os-authentication-bypass-palo-alto-networks-poc-cve-2025-0108/
文件快照
[4.0K] /data/pocs/3dab8eec058120dc97f4c47faabc07c41d24226c
├── [2.2K] CVE-2025-0108-SCAN.py
└── [ 952] README.md
0 directories, 2 files
备注
1. 建议优先通过来源进行访问。
2. 如果因为来源失效或无法访问,请发送邮箱到 f.jinxu#gmail.com 索取本地快照(把 # 换成 @)。
3. 神龙已为您对POC代码进行快照,为了长期维护,请考虑为本地POC付费,感谢您的支持。