Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody†user.
| Capability ID | Capability Description | Mapping Type | ATT&CK ID | ATT&CK Name | Notes |
|---|---|---|---|---|---|
| CVE-2025-0111 | Palo Alto Networks PAN-OS File Read Vulnerability | exploitation_technique | T1068 | Exploitation for Privilege Escalation |
Comments
This exploit is part of a chain of exploits (with CVE-2025-0108 and CVE-2024-9474) that can end with an attacker gaining root access to the system. After bypassing authentication with CVE-2025-0108, the attacker can exploit this to gain read access to system files with "nobody" privileges.
References
|
| CVE-2025-0111 | Palo Alto Networks PAN-OS File Read Vulnerability | primary_impact | T1005 | Data from Local System |
Comments
This exploit is part of a chain of exploits (with CVE-2025-0108 and CVE-2024-9474) that can end with an attacker gaining root access to the system. After bypassing authentication with CVE-2025-0108, the attacker can exploit this to gain read access to system files with "nobody" privileges.
References
|