CVE-2025-0107

CVSSv4: 7.7 | CVSSv3: NA | CVSSv2: NA | VMScore: 870 | EPSS: 0.00043 | KEV: Not Included
Published: 11/01/2025 Updated: 15/01/2025

Vulnerability Summary

Authenticated OS Command Injection in Palo Alto Networks Expedition

Palo Alto Networks Expedition has an OS command injection vulnerability. An authenticated attacker can execute arbitrary OS commands as the www-data user. This can expose usernames, plaintext passwords, device configurations, and API keys for firewalls running PAN-OS software.

Solution

This issue is fixed in Expedition 1.2.100 and all later versions* of Expedition.

* Expedition reached its End of Life (EoL) date (https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642) and is no longer supported. These fixes were added prior to the EoL date, and no additional updates or security fixes are planned. Please use the suggested alternatives listed in the Expedition End of Life Announcement (https://live.paloaltonetworks.com/t5/expedition-articles/important-update-end-of-life-announcement-for-palo-alto-networks/ta-p/589642).

Vulnerable Products

palo alto networks cloud ngfw

palo alto networks expedition

palo alto networks panorama

palo alto networks pan-os

palo alto networks prisma access