RCE in Palo Alto Networks Pan-os Openconfig Plugin
CVE-2025-0110
A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run…
Vulnerability class: Command Injection (OS Command Injection)
EPSS: 0.012 (65.1th percentile) — read the EPSS interpretation.
Affected products
- Palo Alto Networks Pan-os Openconfig Plugin — versions 1.0.0
Weakness classification (CWE)
References
- psirt@paloaltonetworks.com (vendor-advisory)