Exposures › CVE-2025-0111
CVE-2025-0111
Severity
high · on CISA KEV actively exploited
Source
CISA-KEV · kev
Published
2025-02-20
Reference
⌖ exploited in the wild
shame 50/100
exploited-in-wild
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
Players implicated
Description
Palo Alto Networks PAN-OS contains an external control of file name or path vulnerability. Successful exploitation enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the “nobody” user.
Affected FedRAMP products 2 in the catalog
| Product | Provider | Status | Match |
|---|---|---|---|
| GCS-HIGH | Palo Alto Networks, Inc. | Ready | vendor-exact · 0.90 |
| Palo Alto Networks Government Cloud Services | Palo Alto Networks, Inc. | Authorized | vendor-exact · 0.90 |