Lucene search
K

13 matches found

Packet Storm
Packet Storm
added 2025/04/07 12:0 a.m.306 views

📄 Palo Alto Networks Expedition 1.2.90.1 Privilege Escalation

Palo Alto Networks Expedition version 1.2.90.1 proof of concept exploit that allows for an administrative password reset. - Exploit Title: PoC for Admin Account Password Reset of Palo Alto Networks Expedition tool - Shodan Dork: html:"expedition project" - FOFA Dork: "expedition project" &&...

9.8CVSS10AI score0.91783EPSS
Exploits9
Exploit DB
Exploit DB
added 2025/04/06 12:0 a.m.353 views

Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover

Exploit Title: Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover Shodan Dork: html:"expedition project" FOFA Dork: "expedition project" && iconhash="1499876150" Exploit Author: ByteHunter Email: [email protected] Vulnerable Versions: 1.2 1.2.92 Tested on: 1.2.90.1 & 1.2.75 CVE ...

9.8CVSS9.8AI score0.91783EPSS
Exploits9
Rapid7 Blog
Rapid7 Blog
added 2024/11/15 8:37 p.m.34 views

Metasploit Weekly Wrap-Up: 11/15/2024

Palo Alto Expedition RCE module This week's release includes an exploit module for the Palo Alto Expedition exploit chain that's been making headlines recently. The first vulnerability, CVE-2024-5910, allows attackers to reset the password of the admin user. The second vulnerability, CVE-2024-946...

9.3CVSS8.6AI score0.91783EPSS
Exploits14
0day.today
0day.today
added 2024/11/14 12:0 a.m.221 views

Palo Alto Expedition 1.2.91 Remote Code Execution Exploit

This Metasploit module lets you obtain remote code execution in Palo Alto Expedition versions 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a defau...

9.3CVSS8.6AI score0.91783EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2024/11/14 12:0 a.m.20 views

Palo Alto Expedition 1.2.x < 1.2.92 (CVE-2024-5910)

The version of Palo Alto Expedition installed on the remote host is prior to 1.2.92. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5910 advisory. - Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account...

9.8CVSS8.7AI score0.91783EPSS
Exploits9References2
Metasploit
Metasploit
added 2024/11/13 6:55 p.m.351 views

Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)

Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a default installation, commands will ge...

9.8CVSS8.8AI score0.91783EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.483 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.3AI score0.91783EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.314 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.4AI score0.91783EPSS
Exploits14
The Hacker News
The Hacker News
added 2024/11/09 6:12 a.m.117 views

Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns

Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the...

9.3CVSS10AI score0.91783EPSS
Exploits9
The Hacker News
The Hacker News
added 2024/11/08 5:17 a.m.50 views

CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 CVS...

10CVSS8.4AI score0.91783EPSS
Exploits16
The Hacker News
The Hacker News
added 2024/07/11 3:19 p.m.103 views

Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool

Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 CVSS score: 9.3, the vulnerability has been described as a case of missing authentication in its...

9.8CVSS9.3AI score0.91783EPSS
Exploits11
Circl
Circl
added 2024/07/10 9:49 p.m.8 views

CVE-2024-5910

creationtimestamp| type| source ---|---|--- 2024-07-10 21:49:07+00:00| seen| https://t.me/cvedetector/576 2024-07-11 18:30:56+00:00| seen| Telegram/eiA4EV3lx2Xj5K19ERbsqWvZ2LELjbyg0wyACGwCEiaNQ 2024-07-11 19:22:11+00:00| seen| https://t.me/KomunitiSiber/2241 2024-07-11 20:09:42+00:00| seen|...

9.8CVSS7.1AI score0.91783EPSS
Exploits9References31
Cvelist
Cvelist
added 2024/07/10 6:39 p.m.65 views

CVE-2024-5910 Expedition: Missing Authentication Leads to Admin Account Takeover

Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credential...

9.3CVSS0.91783EPSS
Exploits9References1
Rows per page
Query Builder