Lucene search
+L

8 matches found

Rapid7 Blog
Rapid7 Blog
added 2024/11/15 8:37 p.m.34 views

Metasploit Weekly Wrap-Up: 11/15/2024

Palo Alto Expedition RCE module This week's release includes an exploit module for the Palo Alto Expedition exploit chain that's been making headlines recently. The first vulnerability, CVE-2024-5910, allows attackers to reset the password of the admin user. The second vulnerability, CVE-2024-946...

9.3CVSS8.6AI score0.91783EPSS
Exploits14
0day.today
0day.today
added 2024/11/14 12:0 a.m.222 views

Palo Alto Expedition 1.2.91 Remote Code Execution Exploit

This Metasploit module lets you obtain remote code execution in Palo Alto Expedition versions 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a defau...

9.3CVSS8.6AI score0.91783EPSS
Exploits14
Metasploit
Metasploit
added 2024/11/13 6:55 p.m.354 views

Palo Alto Expedition Remote Code Execution (CVE-2024-5910 and CVE-2024-9464)

Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the second vulnerability, CVE-2024-9464, is an authenticated OS command injection. In a default installation, commands will ge...

9.8CVSS8.8AI score0.91783EPSS
Exploits9
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.317 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.4AI score0.91783EPSS
Exploits14
Packet Storm
Packet Storm
added 2024/11/13 12:0 a.m.485 views

Palo Alto Expedition 1.2.91 Remote Code Execution

class MetasploitModule 'Palo Alto Expedition Remote Code Execution CVE-2024-5910 and CVE-2024-9464', 'Description' = %q Obtain remote code execution in Palo Alto Expedition version 1.2.91 and below. The first vulnerability, CVE-2024-5910, allows to reset the password of the admin user, and the...

9.8CVSS7.3AI score0.91783EPSS
Exploits14
Tenable Nessus
Tenable Nessus
added 2024/10/21 12:0 a.m.64 views

Palo Alto Expedition < 1.2.96 Multiple Vulnerabilties

Palo Alto Expedition versions before 1.2.96 suffer from multiple vulnerabilities: - An unauthenticated OS command Injection vulnerability through the /API/convertCSVtoParquet.php endpoint CVE-2024-9264 - An authenticated OS command injection vulnerability CVE-2024-9464 - An unauthenticated SQL...

9.9CVSS8.2AI score0.99609EPSS
Exploits19References6
The Hacker News
The Hacker News
added 2024/10/10 5:44 a.m.74 views

CISA Warns of Critical Fortinet Flaw as Palo Alto and Cisco Issue Urgent Security Patches

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Wednesday added a critical security flaw impacting Fortinet products to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation. The vulnerability, tracked as CVE-2024-23113 CVSS score: 9.8, relates ...

9.9CVSS10AI score0.99609EPSS
Exploits17
Circl
Circl
added 2024/10/09 4:49 p.m.11 views

CVE-2024-9464

creationtimestamp| type| source ---|---|--- 2024-10-09 16:49:15+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8706 2024-10-09 19:50:17+00:00| seen| https://t.me/cvedetector/7505 2024-10-10 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1393 2024-10-10...

9.3CVSS6.9AI score0.81845EPSS
Exploits5References21
Rows per page
Query Builder