OS Command Injection Vulnerability in Palo Alto Networks Expedition
CVE-2025-0107
7.7HIGH
Key Information:
- Vendor
- Palo Alto Networks
- Vendor
- CVE Published:
- 11 January 2025
Badges
👾 Exploit Exists📰 News Worthy
Summary
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to execute arbitrary OS commands with the privileges of the www-data user. This can lead to serious security breaches, including unauthorized access to usernames, cleartext passwords, configuration files for devices, and API keys used for managing firewalls running PAN-OS software.
Affected Version(s)
Expedition 1 < 1.2.100
Cloud NGFW All
PAN-OS All
Get notified when SecurityVulnerability.io launches alerting 🔔
Well keep you posted 📧
News Articles

PoC Exploit Released for Palo Alto Expedition Tool OS Command Injection Vulnerability
A recently disclosed vulnerability in Palo Alto Networks' Expedition tool has raised significant security concerns, as a proof-of-concept (PoC) exploit has been released for CVE-2025-0107.
References
CVSS V4
Score:
7.7
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Attack Required:
None
Privileges Required:
Undefined
User Interaction:
None
Timeline
- 📰
First article discovered by CybersecurityNews
- 👾
Exploit known to exist
Vulnerability published
Credit
An independent security researcher working with SSD Secure Disclosure
Advanced Research Team, CrowdStrike