Palo Alto Networks Expedition - OS Command Injection

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

22 days

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.


References:
Get started to protecting your digital assets