OS Command Injection & SQL Injection vulnerabilities in Palo Alto Expedition (CVE-2024-9463 & CVE-2024-9465)

Two critical vulnerabilities, an unauthenticated OS Command Injection vulnerability (CVE-2024-9463) and a SQL Injection vulnerability (CVE-2024-9465), were recently identified in Palo Alto Networks Expedition. The vulnerabilities allow an attacker to read Expedition database contents and arbitrary files, and to write arbitrary files to temporary storage locations on the Expedition system. Combined, this exposes information such as usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.


Vulnerability

  • Unauthenticated OS Command Injection Vulnerability (CVE-2024-9463)
    • allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
  • SQL Injection Vulnerability (CVE-2024-9465)
    • allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.


Severity Level

  • Critical


Affected Products

  • Expedition: 1.2.0 before 1.2.96


Remediation

  • Upgrade Expedition to version 1.2.96 or later (the first version outside the affected range listed above).

Reference


Enquiry



Published on: 15 Nov 2024