OS Command Injection Vulnerability in Palo Alto Networks Expedition
CVE-2025-0107

6.3MEDIUM

Key Information:

Vendor: Palo Alto Networks
Status: Cloud Ngfw; Expedition; Panorama; Pan-os
Vendor: CVE Published:; 11 January 2025

Badges

👾 Exploit Exists

Summary

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.

Affected Version(s)

Expedition 1 < 1.2.100

Cloud NGFW All

PAN-OS All

References

https://security.paloaltonetworks.com/PAN-SA-2025-0001

vendor-advisory

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

👾
Exploit known to exist
Jan 11, 2025
Vulnerability published
Jan 11, 2025

Collectors

NVD DatabaseMitre Database

Credit

An independent security researcher working with SSD Secure Disclosure

Advanced Research Team, CrowdStrike