CVE-2024-9465

Expedition: SQL Injection Leads to Firewall Admin Credential Disclosure

CVSS 9.2 CRITICAL | EPSS 99.6% | KEV | CWE-89

In short

Expedition has a critical SQL injection flaw that lets attackers read the database without logging in, exposing password hashes, usernames, device configurations, and device API keys. Attackers can also create and read files on the affected system.

Technical detail

An unauthenticated SQL injection vulnerability in Palo Alto Networks Expedition enables attackers to execute arbitrary SQL queries against the backend database, exfiltrating sensitive data including password hashes, device configurations, and API credentials. The vulnerability also permits arbitrary file read/write operations on the Expedition system, potentially leading to complete system compromise.

Summary generated and translated by AI from the official description.

An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:N/SC:H/SI:N/SA:N/AU:N/R:U/V:C/RE:H/U:Amber