CVE-2025-0108

This PoC demonstrates an authentication bypass vulnerability in PanOS by exploiting a path traversal flaw in the `/unauth/%252e%252e/php/ztp_gate.php/PAN_help/x.css` endpoint. It checks for the presence of 'Zero Touch Provisioning' in the response to confirm vulnerability.

This repository provides a Nuclei template for detecting CVE-2025-0108, an authentication bypass vulnerability in Palo Alto Networks' PAN-OS. The template sends crafted HTTP requests to test for the vulnerability.

This repository provides an Nmap NSE script to scan for CVE-2025-0108 in Palo Alto Networks devices. It does not contain exploit code but serves as a detection tool for vulnerable targets.

This repository contains a Python script that scans for CVE-2025-0108, an authentication bypass vulnerability in Palo Alto PAN-OS. The script checks for the presence of a specific endpoint and response content to determine vulnerability.

This repository contains a Python-based vulnerability scanner for CVE-2025-0108, an authentication bypass flaw in Palo Alto Networks' PAN-OS. The script checks for the presence of 'Zero Touch Provisioning' in the response to a crafted HTTP request, indicating potential vulnerability.

This repository contains a functional PoC for CVE-2025-0108, demonstrating an authentication bypass vulnerability via path confusion and header smuggling in a multi-layer stack (Nginx -> Flask backend -> Apache/PHP). The vulnerable version allows double-encoded paths to bypass authentication, while the fixed version includes backend-side mitigation.

This repository contains a Python script that checks for the CVE-2025-0108 authentication bypass vulnerability in PAN-OS devices by sending a crafted HTTP request and analyzing the response for indicators of vulnerability.