OS Command Injection Vulnerability in Palo Alto Networks Expedition
CVE-2025-0107

7.7HIGH

Key Information:

Vendor
Palo Alto Networks
Status
Cloud Ngfw
Expedition
Panorama
Pan-os
Vendor
CVE Published:
11 January 2025

Badges

👾 Exploit Exists🟣 EPSS 27%📰 News Worthy

Summary

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.

Affected Version(s)

Expedition 1 < 1.2.100

Cloud NGFW All

PAN-OS All

News Articles

favicon imageCybersecurityNews

PoC Exploit Released for Palo Alto Expedition Tool OS Command Injection Vulnerability

A recently disclosed vulnerability in Palo Alto Networks' Expedition tool has raised significant security concerns, as a proof-of-concept (PoC) exploit has been released for CVE-2025-0107.

References

https://security.paloaltonetworks.com/PAN-SA-2025-0001
vendor-advisory

EPSS Score

27% chance of being exploited in the next 30 days.

CVSS V4

Score:
7.7
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None

Timeline

  • 📰

    First article discovered by CybersecurityNews

  • 👾

    Exploit known to exist

  • Vulnerability published

Credit

An independent security researcher working with SSD Secure Disclosure
Advanced Research Team, CrowdStrike
.