Vulnerabilities > Paloaltonetworks > Expedition > High

DATE CVE VULNERABILITY TITLE RISK
2024-10-09 CVE-2024-9463 OS Command Injection vulnerability in Paloaltonetworks Expedition
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
network
low complexity
paloaltonetworks CWE-78
7.5
2018-11-27 CVE-2018-10142 Information Exposure vulnerability in Paloaltonetworks Expedition 1.0.106
The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
network
low complexity
paloaltonetworks CWE-200
7.5