13 matches found
📄 Palo Alto Networks Expedition 1.2.90.1 Privilege Escalation
Palo Alto Networks Expedition version 1.2.90.1 proof of concept exploit that allows for an administrative password reset. - Exploit Title: PoC for Admin Account Password Reset of Palo Alto Networks Expedition tool - Shodan Dork: html:"expedition project" - FOFA Dork: "expedition project" &&...
Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover
Exploit Title: Palo Alto Networks Expedition 1.2.90.1 - Admin Account Takeover Shodan Dork: html:"expedition project" FOFA Dork: "expedition project" && iconhash="1499876150" Exploit Author: ByteHunter Email: [email protected] Vulnerable Versions: 1.2 1.2.92 Tested on: 1.2.90.1 & 1.2.75 CVE ...
Metasploit Weekly Wrap-Up: 11/15/2024
Palo Alto Expedition RCE module This week's release includes an exploit module for the Palo Alto Expedition exploit chain that's been making headlines recently. The first vulnerability, CVE-2024-5910, allows attackers to reset the password of the admin user. The second vulnerability, CVE-2024-946...
Palo Alto Expedition 1.2.91 Remote Code Execution Exploit
This Metasploit module lets you obtain remote code execution in Palo Alto Expedition versions 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a defau...
Palo Alto Expedition 1.2.x < 1.2.92 (CVE-2024-5910)
The version of Palo Alto Expedition installed on the remote host is prior to 1.2.92. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-5910 advisory. - Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account...
Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)
Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a default installation, commands will ge...
Palo Alto Expedition 1.2.91 Remote Code Execution
class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...
Palo Alto Expedition 1.2.91 Remote Code Execution
class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...
Palo Alto Advises Securing PAN-OS Interface Amid Potential RCE Threat Concerns
Palo Alto Networks on Friday issued an informational advisory urging customers to ensure that access to the PAN-OS management interface is secured because of a potential remote code execution vulnerability. "Palo Alto Networks is aware of a claim of a remote code execution vulnerability via the...
CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a now-patched critical security flaw impacting Palo Alto Networks Expedition to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-5910 CVS...
Palo Alto Networks Patches Critical Flaw in Expedition Migration Tool
Palo Alto Networks has released security updates to address five security flaws impacting its products, including a critical bug that could lead to an authentication bypass. Cataloged as CVE-2024-5910 CVSS score: 9.3, the vulnerability has been described as a case of missing authentication in its...
CVE-2024-5910
creationtimestamp| type| source ---|---|--- 2024-07-10 21:49:07+00:00| seen| https://t.me/cvedetector/576 2024-07-11 18:30:56+00:00| seen| Telegram/eiA4EV3lx2Xj5K19ERbsqWvZ2LELjbyg0wyACGwCEiaNQ 2024-07-11 19:22:11+00:00| seen| https://t.me/KomunitiSiber/2241 2024-07-11 20:09:42+00:00| seen|...
CVE-2024-5910 Expedition: Missing Authentication Leads to Admin Account Takeover
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credential...