CVE-2025-0107

Published Jan 11, 2025

Last updated 21 days ago

Overview

Description
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
Source
psirt@paloaltonetworks.com
NVD status
Awaiting Analysis
CNA Tags
unsupported-when-assigned

Risk scores

CVSS 4.0

Type
Secondary
Base score
7.7
Impact score
-
Exploitability score
-
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:H/U:Green
Severity
HIGH

Weaknesses

psirt@paloaltonetworks.com
CWE-78

Social media

Hype score
Not currently trending
  1. #exploit 1. CVE-2025-0107: Palo Alto Expedition Tool OS Command Injection - https://t.co/zjTJG9qfQb 2. CVE-2025-22710: WP WooCommerce SQLI - https://t.co/rNTF9xwiwu 3. CVE-2025-23013: Yubico PAM Module Authentication Bypass in Certain Configurations - https://t.co/oqrWCTXihb

    @ksg93rd

    21 Jan 2025

    192 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 💡MITREが「D3FEND 1.0」を発表 目的は脅威に対抗するサイバーセキュリティ技術の標準化 🚨CVE-2025-0107:パロアルト「Expedition」のRCE脆弱性、PoCエクスプロイトコードが公開される 〜サイバーセキュリティ 週末の話題〜 https://t.co/HUwW0XTsw7 #セキュリティ #インテリジェンス #OSINT

    @MachinaRecord

    20 Jan 2025

    227 Impressions

    0 Retweets

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🚨 Critical Cybersecurity Alert: Palo Alto Networks Expedition Tool Vulnerability 🚨 A recently disclosed OS command injection vulnerability (CVE-2025-0107) in Palo Alto Networks’ Expedition tool poses a serious threat to organizations using versions 1.2.101 and earlier. The… ht

    @CipherGuardians

    19 Jan 2025

    63 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨🚨CVE-2025-0107: Expedition: OS Command Injection Vulnerability ⚠️Unauthenticated attackers to trigger a call to an Apache Spark server (attacker controlled) which can then be used to cause the execution of arbitrary code. ZoomEye Dork👉app="Palo Alto Networks Expedition" 433…

    @zoomeye_team

    19 Jan 2025

    479 Impressions

    2 Retweets

    5 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-0107 PoC Exploit Code Released for PaloAlto Flaw #CVE-2025-0107 #PaloAlto #PoCExploitCode https://t.co/YsyXdBPVjo

    @pravin_karthik

    19 Jan 2025

    45 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. ⚠️ Exploit Activo para CVE-2025-0107: Riesgo Crítico en Palo Alto Expedition. ¡Actúa Ahora! https://t.co/LiGCqViACV

    @tpx_Security

    18 Jan 2025

    165 Impressions

    2 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. CVE-2025-0107: PoC Exploit Code Released for Palo Alto Expedition RCE Flaw Learn about the recently published technical details and PoC exploit code for CVE-2025-0107, a serious vulnerability in Palo Alto Networks' Expedition migration tool. https://t.co/CEpz3qbLBs

    @the_yellow_fall

    18 Jan 2025

    724 Impressions

    1 Retweet

    8 Likes

    0 Bookmarks

    2 Replies

    1 Quote

  8. New post from https://t.co/uXvPWJy6tj (CVE-2025-0107 | Palo Alto Networks Cloud NGFW os command injection) has been published on https://t.co/oHY9qaqjtl

    @WolfgangSesin

    11 Jan 2025

    17 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. CVE-2025-0107 Authenticated OS Command Injection in Palo Alto Networks Expedition Palo Alto Networks Expedition has a command injection vulnerability. An authenticated attacker can execute any OS commands as the ... https://t.co/bFf9U9dCq7

    @VulmonFeeds

    11 Jan 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. CVE-2025-0107 An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to run arbitrary OS commands as the www-data user in Expedition… https://t.co/YtgUHRkR1H

    @CVEnew

    11 Jan 2025

    300 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes