CVE-2024-9464

MEDIUM

Paloaltonetworks Expedition < 1.2.96 - OS Command Injection

Title source: rule

Description

An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.

Exploits (3)

nomisec (WORKING POC, 45 stars)
by horizon3ai · poc
https://github.com/horizon3ai/CVE-2024-9464

metasploit (WORKING POC, EXCELLENT)
by Michael Heinzl, Zach Hanley, Enrique Castillo, Brian Hysell · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/paloalto_expedition_rce.rb

Scores

CVSS v3: 6.5
EPSS: 0.8531
EPSS Percentile: 99.4%
Attack Vector: NETWORK
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation: poc
Automatable: no
Technical Impact: total

Details

CWE: CWE-78
Status: published
Products (1): paloaltonetworks/expedition 1.2.0 - 1.2.96
Published: Oct 09, 2024
Tracked Since: Feb 18, 2026