Authenticated OS Command Injection in Palo Alto Networks Expedition
Palo Alto Networks Expedition has a command injection vulnerability. An authenticated attacker can execute any OS commands as the www-data user. This can reveal usernames, plain text passwords, device configurations, and API keys for firewalls using PAN-OS software.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
palo alto networks cloud ngfw |
||
palo alto networks expedition |
||
palo alto networks panorama |
||
palo alto networks pan-os |
||
palo alto networks prisma access |