cvedb.io
CVE-2025-4231
HIGH · CVSS 7.2
EPSS exploitation probability: 0%
Published 2025-06-13T00:15:23.533 · Last modified 2026-06-17T09:32:49.507

Summary

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Affected products

paloaltonetworks — pan-os

Does this affect you?

Add your gear to cvedb and we'll alert you only when paloaltonetworks ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.