OS Command Injection Vulnerability in Palo Alto Networks Expedition
CVE-2025-0107

7.7HIGH

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Expedition; Panorama; Pan-os
Vendor: CVE Published:; 11 January 2025

Badges

👾 Exploit Exists📰 News Worthy

Summary

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.

Affected Version(s)

Expedition 1 < 1.2.100

Cloud NGFW All

PAN-OS All

News Articles

CybersecurityNews

CVE-2025-0107

PoC Exploit Released for Palo Alto Expedition Tool OS Command Injection Vulnerability

A recently disclosed vulnerability in Palo Alto Networks' Expedition tool has raised significant security concerns, as a proof-of-concept (PoC) exploit has been released for CVE-2025-0107.

References

https://security.paloaltonetworks.com/PAN-SA-2025-0001

vendor-advisory

CVSS V4

Score:

7.7

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

📰
First article discovered by CybersecurityNews
Jan 18, 2025
👾
Exploit known to exist
Jan 11, 2025
Vulnerability published
Jan 11, 2025

Credit

An independent security researcher working with SSD Secure Disclosure

Advanced Research Team, CrowdStrike