RCE in Palo Alto Networks Pan-os Openconfig Plugin

CVE-2025-0110

A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an authenticated administrator with the ability to make gNMI requests to the PAN-OS management web interface to bypass system restrictions and run…

Vulnerability class: Command Injection (OS Command Injection)

EPSS: 0.012 (65.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References