{"uuid": "a5a7937f-d833-495f-b0dc-666cc7e1350c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-0111", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4861", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0111\n\ud83d\udd25 CVSS Score: 7.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/AU:N/R:U/V:C/RE:M/U:Red)\n\ud83d\udd39 Description: An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an authenticated attacker with network access to the management web interface to read files on the PAN-OS filesystem that are readable by the \u201cnobody\u201d user.\n\nYou can greatly reduce the risk of this issue by restricting access to the management web interface to only trusted internal IP addresses according to our recommended  best practices deployment guidelines https://live.paloaltonetworks.com/t5/community-blogs/tips-amp-tricks-how-to-secure-the-management-access-of-your-palo/ba-p/464431 .\n\n\n\nThis issue does not affect Cloud NGFW or Prisma Access software.\n\ud83d\udccf Published: 2025-02-12T20:58:43.387Z\n\ud83d\udccf Modified: 2025-02-21T04:56:10.218Z\n\ud83d\udd17 References:\n1. https://security.paloaltonetworks.com/CVE-2025-0111", "creation_timestamp": "2025-02-21T05:18:30.000000Z"}