CVE-2024-9466

MEDIUM

Palo Alto Networks Expedition 1.2.0-1.2.95 - Authenticated Sensitive Information Disclosure in Log Files

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2024-9466. PoCs published by holypryx.

AI-analyzed exploit summary This script checks for CVE-2024-9466 by sending HTTP requests to a specific path (`/home/userSpace/devices/debug.txt`) and analyzing the response status code. It categorizes targets as vulnerable based on a 200 OK response without redirects.

Description

A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.

Exploits (1)

nomisec SCANNER 1 stars
by holypryx · poc
https://github.com/holypryx/CVE-2024-9466

This script checks for CVE-2024-9466 by sending HTTP requests to a specific path (`/home/userSpace/devices/debug.txt`) and analyzing the response status code. It categorizes targets as vulnerable based on a 200 OK response without redirects.

Classification
Scanner 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Unknown (likely a web server or application exposing debug.txt)
No auth needed
Prerequisites: List of target URLs/IPs in `targets.txt`
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 6.5
EPSS 0.1123
EPSS Percentile 95.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-532 CWE-312
Status published
Products (1)
paloaltonetworks/expedition 1.2.0 - 1.2.96
Published Oct 09, 2024
Tracked Since Feb 18, 2026