CVE-2025-4231— PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

EPSS 0.64% · P71 Updated Feb 27, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2025-4231

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

Source: NVD (National Vulnerability Database)

Vulnerability Description

A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated administrative user to perform actions as the root user. The attacker must have network access to the management web interface and successfully authenticate to exploit this issue. Cloud NGFW and Prisma Access are not impacted by this vulnerability.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

在命令中使用的特殊元素转义处理不恰当(命令注入)

Source: NVD (National Vulnerability Database)

Vulnerability Title

Palo Alto Networks PAN-OS 命令注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Palo Alto Networks PAN-OS是美国Palo Alto Networks公司的一套为其防火墙设备开发的操作系统。 Palo Alto Networks PAN-OS存在命令注入漏洞，该漏洞源于经过身份验证的管理员可以执行root用户操作。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE
Palo Alto Networks	Cloud NGFW	-	-
Palo Alto Networks	PAN-OS	11.0.0 ~ 11.0.3	`cpe:2.3:o:palo_alto_networks:pan-os:11.0.2:::::::*`
Palo Alto Networks	Prisma Access	-	-

II. Public POCs for CVE-2025-4231

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2025-4231

请登录查看更多情报信息。

https://nvd.nist.gov/vuln/detail/CVE-2025-4231

Same Patch Batch · Palo Alto Networks · 2025-06-12 · 5 CVEs total

CVE-2025-4228		Cortex XDR Broker VM: Privilege Escalation (PE) Vulnerability
CVE-2025-4230		PAN-OS: Authenticated Admin Command Injection Vulnerability Through CLI
CVE-2025-4232		GlobalProtect: Authenticated Code Injection Through Wildcard on macOS
CVE-2025-4233		Prisma Access Browser: Inappropriate implementation in Cache

IV. Related Vulnerabilities

Same product: Cloud NGFW

Same vendor: Palo Alto Networks

Same weakness: CWE-77

V. Comments for CVE-2025-4231

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2025-4231— PAN-OS: Authenticated Admin Command Injection Vulnerability in the Management Web Interface

I. Basic Information for CVE-2025-4231

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2025-4231

III. Intelligence Information for CVE-2025-4231

Same Patch Batch · Palo Alto Networks · 2025-06-12 · 5 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2025-4231

Leave a comment