AI description
CVE-2025-0110 is a command injection vulnerability found in the Palo Alto Networks PAN-OS OpenConfig plugin. This vulnerability allows an authenticated administrator, who can make gNMI requests to the PAN-OS management web interface, to execute arbitrary commands, bypassing system restrictions. These commands run with the privileges of the "__openconfig" user, who has Device Administrator rights on the firewall. Exploitation of this vulnerability requires administrator privileges and the OpenConfig plugin to be enabled. The vulnerability exists in versions of the OpenConfig plugin prior to 2.1.2. Upgrading to version 2.1.2 or later is the recommended mitigation. Additionally, restricting access to the management web interface to trusted internal IP addresses is a crucial security measure to reduce the risk of exploitation.
- Description
- A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run arbitrary commands. The commands are run as the “__openconfig” user (which has the Device Administrator role) on the firewall. You can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .
- Source
- psirt@paloaltonetworks.com
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber
- Severity
- HIGH
- psirt@paloaltonetworks.com
- CWE-78
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
4
PoC released for CVE-2025-0110; allows authenticated administrators to inject malicious commands into the 'type' parameter of an XPATH query during syslog retrieval via the PAN-OS OpenConfig plugin enabling arbitrary command execution. https://t.co/M4etzXku7C
@GrimmAnalyst
21 Feb 2025
1280 Impressions
12 Retweets
23 Likes
6 Bookmarks
0 Replies
0 Quotes
Google publica un PoC para la inyección de comandos CVE-2025-0110 en cortafuegos PAN-OS Utilizando la herramienta gnmic, un atacante puede ejecutar comandos bash arbitrarios en el dispositivo PAN-OS: https://t.co/nRKOlpgmYh
@elhackernet
21 Feb 2025
2625 Impressions
8 Retweets
30 Likes
4 Bookmarks
0 Replies
0 Quotes
🚨🚨CVE-2025-0110 Drops! Google Just Unleashed a PoC Exploit for a Nasty Palo Alto Firewall Command Injection Flaw! 🔥PoC: https://t.co/KxLMIGdaFz 💻Detials: https://t.co/NwuVfI0J2i ZoomEye Dork👉app="Palo Alto Networks PAN-OS Firewall" Over 3.7K vulnerable devices popped up!… h
@zoomeye_team
21 Feb 2025
65 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Google Releases PoC for CVE-2025-0110 Command Injection in PAN-OS Firewalls https://t.co/JZGXVXRjnF
@Dinosn
21 Feb 2025
6277 Impressions
35 Retweets
80 Likes
27 Bookmarks
0 Replies
2 Quotes
パロアルトネットワークス社PAN-OSの脆弱性CVE-2025-0110に対応するPoC(攻撃の概念実証コード)をGoogleが公表。CVSSv4スコア8.6で、認証後攻撃者による任意コード実行。OpenConfig APIにXPATHクエリ構造を悪用する細工されたリクエストを送信することで発現。 https://t.co/UkuzO2NvUn
@__kokumoto
21 Feb 2025
1351 Impressions
2 Retweets
17 Likes
2 Bookmarks
0 Replies
0 Quotes
Palo Alto Networks has addressed two high-severity PAN-OS vulnerabilities: CVE-2025-0108 (auth bypass) and CVE-2025-0110 (command injection). Update software & secure access! 🔒 #PaloAlto #InformationSecurity #USA link: https://t.co/V3tckATlBs https://t.co/JoPMwP7q4N
@TweetThreatNews
13 Feb 2025
27 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-0108 & CVE-2025-0110: Palo Alto Networks Fixes High-Severity PAN-OS Vulnerabilities https://t.co/Stmg7sbaeE
@Dinosn
13 Feb 2025
3255 Impressions
13 Retweets
30 Likes
8 Bookmarks
0 Replies
0 Quotes