← back
CVE-2024-9464

Expedition: Authenticated OS Command Injection Vulnerability Leads to Firewall Admin Credential Disclosure

CVSS 9.3 CRITICALEPSS 81.7%CWE-78
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber
Affected products
Palo Alto Networks · Expedition
public PoCs found2
githubgithub.com/horizon3ai/CVE-2024-946444cve_referencewww.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://security.paloaltonetworks.com/PAN-SA-2024-0010https://www.horizon3.ai/attack-research/palo-alto-expedition-from-n-day-to-full-compromise/