cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-0103,https://securityvulnerability.io/vulnerability/CVE-2025-0103,SQL Injection Vulnerability in Palo Alto Networks Expedition,"An SQL injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to access sensitive database information. This includes revealing password hashes, usernames, device configurations, and API keys. Moreover, the flaw can be exploited to create and read arbitrary files on the Expedition system, further compromising its integrity and security. It is crucial for users of Expedition to apply security patches and follow best practices to mitigate this risk.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",9.2,CRITICAL,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,70
CVE-2025-0107,https://securityvulnerability.io/vulnerability/CVE-2025-0107,OS Command Injection Vulnerability in Palo Alto Networks Expedition,"An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.3,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0104,https://securityvulnerability.io/vulnerability/CVE-2025-0104,Reflected Cross-Site Scripting Vulnerability in Palo Alto Networks Expedition,"A reflected cross-site scripting vulnerability exists in Palo Alto Networks Expedition that permits attackers to execute malicious JavaScript code. This can occur when an authenticated user clicks on a specially crafted link, resulting in potential phishing attacks and the theft of their browser session. This vulnerability highlights the importance of user caution and proactive security measures to mitigate the risks associated with online threats.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",7,HIGH,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0105,https://securityvulnerability.io/vulnerability/CVE-2025-0105,Arbitrary File Deletion Vulnerability in Palo Alto Networks Expedition,"An arbitrary file deletion vulnerability in Palo Alto Networks Expedition permits an unauthenticated attacker to delete files that are accessible to the www-data user on the host filesystem. This flaw could potentially be exploited to compromise the integrity of the system, allowing unauthorized manipulation of files critical to the operation of the affected application.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.9,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2025-0106,https://securityvulnerability.io/vulnerability/CVE-2025-0106,Wildcard Expansion Vulnerability in Palo Alto Networks Expedition,"A wildcard expansion vulnerability exists in Palo Alto Networks Expedition, which allows unauthenticated attackers to enumerate files on the host filesystem. This weakness could potentially lead to exposing sensitive information and escalate further attacks on the system. It is vital for users of Expedition to review security advisories and implement recommended patches to mitigate this risk.",Palo Alto Networks,"Cloud Ngfw,Expedition,Panorama,Pan-os,Prisma Access",6.9,MEDIUM,0.0004299999854993075,false,false,false,true,false,false,false,2025-01-11T03:15:00.000Z,0
CVE-2024-9464,https://securityvulnerability.io/vulnerability/CVE-2024-9464,OS Command Injection Vulnerability in Palo Alto Networks Expedition,"An OS command injection vulnerability exists in Palo Alto Networks Expedition, permitting an authenticated attacker to execute arbitrary operating system commands with root privileges. This can lead to the exposure of critical information such as usernames, cleartext passwords, device configurations, and API keys associated with PAN-OS firewalls. The vulnerability poses a significant risk to the security of systems utilizing Expedition, emphasizing the importance of applying necessary security measures and updates.",Palo Alto Networks,Expedition,6.5,MEDIUM,0.0005099999834783375,false,true,false,true,true,true,false,2024-10-09T17:15:00.000Z,7244
CVE-2024-9467,https://securityvulnerability.io/vulnerability/CVE-2024-9467,Expedition: Reflected Cross-Site Scripting Vulnerability Leads to Expedition Session Disclosure,"A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.",Palo Alto Networks,Expedition,6.1,MEDIUM,0.0004600000102072954,false,false,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9463,https://securityvulnerability.io/vulnerability/CVE-2024-9463,Palo Alto Networks Expedition OS Command Injection Vulnerability,"The Palo Alto Networks Expedition tool has multiple critical vulnerabilities (CVE-2024-9463 to CVE-2024-9467) including OS command injection, SQL injection, cleartext storage of sensitive information, and cross-site scripting. These vulnerabilities can result in unauthorized access, credential theft, and administrative takeover. The vulnerabilities affect all versions of Expedition below 1.2.96, and urgent patching is recommended. The potential impact of exploitation includes disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls, with the risk of sensitive data theft. There are no known exploits by ransomware groups at this time, but proactive measures such as upgrading to the latest version of Expedition, limiting network access, rotating credentials, and monitoring access logs are advised to minimize the risk of exploitation.",Palo Alto Networks,Expedition,7.5,HIGH,0.9612200260162354,true,true,false,true,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9466,https://securityvulnerability.io/vulnerability/CVE-2024-9466,Sensitive Information Vulnerability in Palo Alto Networks Expedition,"The vulnerability CVE-2024-9466 in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials. The flaws were found in Palo Alto Networks' Expedition solution, which can be exploited to access sensitive data, such as user credentials, that can help take over firewall admin accounts. The vulnerabilities include command injection, reflected cross-site scripting, cleartext storage of sensitive information, missing authentication, and SQL injection vulnerabilities. A proof-of-concept exploit has been made available, but there is no evidence that the security flaws have been exploited in attacks. Palo Alto Networks has provided security updates in Expedition 1.2.96 to address these vulnerabilities and recommend that affected credentials be rotated after the upgrade.",Palo Alto Networks,Expedition,6.5,MEDIUM,0.0004900000058114529,false,true,false,true,true,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-9465,https://securityvulnerability.io/vulnerability/CVE-2024-9465,UnAuthenticated SQL Injection Vulnerability in Palo Alto Networks Expedition,"An SQL injection flaw in Palo Alto Networks Expedition presents a serious risk by allowing unauthenticated attackers to access and extract sensitive data from the Expedition database. This includes potential exposure of password hashes, usernames, device configurations, and API keys, all of which can be leveraged to enhance the attacker's capability. Additionally, the vulnerability enables unauthorized file creation and reading within the Expedition environment, raising significant concerns for data integrity and confidentiality.",Palo Alto Networks,Expedition,9.1,CRITICAL,0.9486500024795532,true,true,false,true,true,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-5910,https://securityvulnerability.io/vulnerability/CVE-2024-5910,Expedition Admin Account Takeover Risk Due to Missing Authentication,"A critical vulnerability exists in Palo Alto Networks Expedition, where insufficient authentication mechanisms can be exploited, allowing unauthorized users to gain admin access. This flaw poses a serious risk, as attackers with network access can take control of Expedition admin accounts, potentially leading to exposure of sensitive configuration data, including secrets and credentials. Such a breach not only compromises the integrity of configuration management but also threatens the overall security posture of the affected systems.",Palo Alto Networks,Expedition,9.8,CRITICAL,0.9676100015640259,true,true,false,true,true,true,true,2024-07-10T18:39:26.006Z,5555
CVE-2020-1977,https://securityvulnerability.io/vulnerability/CVE-2020-1977,Expedition Migration Tool: Insufficient Cross Site Request Forgery protection.,Insufficient Cross-Site Request Forgery (XSRF) protection on Expedition Migration Tool allows remote unauthenticated attackers to hijack the authentication of administrators and to perform actions on the Expedition Migration Tool. This issue affects Expedition Migration Tool 1.1.51 and earlier versions.,Palo Alto Networks,Expedition,7.5,HIGH,0.0014100000262260437,false,false,false,false,,false,false,2020-02-12T00:00:00.000Z,0
CVE-2019-1574,https://securityvulnerability.io/vulnerability/CVE-2019-1574,,Cross-site scripting (XSS) vulnerability in Palo Alto Networks Expedition Migration tool 1.1.12 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the Devices View.,Palo Alto Networks,Expedition Migration Tool,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-04-12T16:57:14.000Z,0
CVE-2019-1567,https://securityvulnerability.io/vulnerability/CVE-2019-1567,,The Expedition Migration tool 1.1.6 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings.,Palo Alto Networks,Palo Alto Networks Expedition Migration Tool,5.4,MEDIUM,0.000539999979082495,false,false,false,false,,false,false,2019-04-09T19:15:43.000Z,0
CVE-2018-10143,https://securityvulnerability.io/vulnerability/CVE-2018-10143,,The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.,Palo Alto Networks,Palo Alto Networks Expedition,9.8,CRITICAL,0.004699999932199717,false,false,false,false,,false,false,2018-12-12T00:00:00.000Z,0
CVE-2018-10142,https://securityvulnerability.io/vulnerability/CVE-2018-10142,,The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.,Palo Alto Networks,Palo Alto Networks Expedition,7.5,HIGH,0.0010600000387057662,false,false,false,false,,false,false,2018-11-27T21:00:00.000Z,0