Lucene search
+L

8 matches found

rapid7blog
rapid7blog
added 2024/11/15 8:37 p.m.34 views

Metasploit Weekly Wrap-Up: 11/15/2024

Palo Alto Expedition RCE module This week's release includes an exploit module for the Palo Alto Expedition exploit chain that's been making headlines recently. The first vulnerability, CVE-2024-5910, allows attackers to reset the password of the admin user. The second vulnerability, CVE-2024-946...

9.3CVSS8.6AI score0.91783EPSS
Exploits14
zdt
zdt
added 2024/11/14 12:0 a.m.221 views

Palo Alto Expedition 1.2.91 Remote Code Execution Exploit

This Metasploit module lets you obtain remote code execution in Palo Alto Expedition versions 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a defau...

9.3CVSS8.6AI score0.91783EPSS
Exploits14
metasploit
metasploit
added 2024/11/13 6:55 p.m.353 views

Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)

Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a default installation, commands will ge...

9.8CVSS8.8AI score0.91783EPSS
Exploits9
packetstorm
packetstorm
added 2024/11/13 12:0 a.m.483 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.3AI score0.91783EPSS
Exploits14
packetstorm
packetstorm
added 2024/11/13 12:0 a.m.314 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.4AI score0.91783EPSS
Exploits14
nessus
nessus
added 2024/10/21 12:0 a.m.64 views

Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties

Palo Alto Expedition versions before 1.2.96 suffer from multiple vulnerabilities: - An unauthenticated OS command Injection vulnerability through the /API/convertCSVtoParquet.php endpoint CVE-2024-9264 - An authenticated OS command injection vulnerability CVE-2024-9464 - An unauthenticated SQL...

9.9CVSS8.2AI score0.99597EPSS
Exploits19References6
thn
thn
added 2024/10/10 5:44 a.m.74 views

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 CVSS score: 9.8, relates ...

9.9CVSS10AI score0.99597EPSS
Exploits17
circl
circl
added 2024/10/09 4:49 p.m.11 views

CVE-2024-9464

creationtimestamp| type| source ---|---|--- 2024-10-09 16:49:15+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8706 2024-10-09 19:50:17+00:00| seen| https://t.me/cvedetector/7505 2024-10-10 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1393 2024-10-10...

9.3CVSS6.9AI score0.8171EPSS
Exploits5References21
Rows per page
Query Builder