Summary: The video discusses the discovery of a zero-day vulnerability (CVE-2025-0018) affecting Palo Alto Networks’ PAN-OS software. The vulnerability allows unauthorized access to internal PHP scripts by bypassing authentication, although it does not enable remote code execution. Exploiting misconfigurations in multi-component systems can lead to file traversal and execution within PAN-OS.
Keypoints:
- A new zero-day vulnerability (CVE-2025-0018) was discovered in Palo Alto Networks’ PAN-OS software.
- The vulnerability allows attackers to bypass authentication and invoke internal PHP scripts.
- Although it does not allow remote code execution, it takes advantage of configuration issues in web servers such as Nginx and Apache.
- Attackers can leverage the URL being parsed multiple times to traverse to and execute files within the system.
- Various versions of PAN-OS are affected, and more information is provided in the linked write-up.
YouTube Video: https://www.youtube.com/watch?v=lUwbNxM2Zv8
YouTube Channel: Hak5
Video Published: Sat, 22 Feb 2025 17:01:00 +0000
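
A defender-side check for the URL-handling problem in the keypoints above, as an added example (not code from the video or the linked write-up): it decodes each logged request path repeatedly and flags paths that components decoding a different number of times would resolve to different files. The log lines, hosts and paths are constructed for illustration and are not PAN-OS paths.

```python
import posixpath
import re
from urllib.parse import unquote

# Constructed access-log lines (combined format); hosts and paths are invented.
SAMPLE_LOG = """\
192.0.2.10 - - [22/Feb/2025:10:00:01 +0000] "GET /public/css/site.css HTTP/1.1" 200 512 "-" "curl/8.0"
192.0.2.11 - - [22/Feb/2025:10:00:02 +0000] "GET /public/%252e%252e/internal/status.php HTTP/1.1" 200 87 "-" "curl/8.0"
192.0.2.12 - - [22/Feb/2025:10:00:03 +0000] "GET /public/%2e%2e/internal/status.php HTTP/1.1" 200 87 "-" "curl/8.0"
192.0.2.13 - - [22/Feb/2025:10:00:04 +0000] "GET /docs/release%20notes.html HTTP/1.1" 200 900 "-" "curl/8.0"
"""
REQUEST_RE = re.compile(r'"[A-Z]+ (\S+) HTTP/[\d.]+"')

def decode_stages(path, max_passes=5):
    """Path as seen after 0, 1, 2, ... URL-decoding passes, until it stops changing."""
    stages = [path]
    for _ in range(max_passes):
        decoded = unquote(stages[-1])
        if decoded == stages[-1]:
            break
        stages.append(decoded)
    return stages

def inspect_path(raw_target):
    """Return the reasons a request target deserves review (empty list = clean)."""
    stages = decode_stages(raw_target.split("?", 1)[0])
    reasons = []
    if len(stages) > 2:  # needs more than one decoding pass to settle
        reasons.append("multi-encoded")
    if any(".." in s.split("/") for s in stages):
        reasons.append("dot-segment")
    # A component that normalizes before decoding and one that decodes first
    # must agree on the file; compare the target each stage would resolve to.
    targets = {decode_stages(posixpath.normpath(s))[-1] for s in stages}
    if len(targets) > 1:
        reasons.append("divergent-target")
    return reasons

def scan(log_text):
    """Map each flagged request target in the log to its list of reasons."""
    findings = {}
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if match and (reasons := inspect_path(match.group(1))):
            findings[match.group(1)] = reasons
    return findings

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

Ordinary percent-encoding such as `%20` is not flagged, because every decoding stage resolves to the same file.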