Palo Alto Networks Expedition - Remote Code Execution (CVE-2024-9463)
收藏pentest-tools.com2025-03-26 收录
下载链接:
https://pentest-tools.com/vulnerabilities-exploits/undefined
下载链接
链接失效反馈官方服务:
资源简介:
The Palo Alto Networks Expedition is vulnerable to CVE-2024-9463, a Remote Code Execution vulnerability. The root cause of this vulnerability lies in the lack of input validation of the <code>convertCSVtoParquet.php</code> endpoint. This makes it possible for unauthenticated attackers to inject an OS Command using special characters.
Palo Alto Networks 的探险项目存在 CVE-2024-9463 漏洞,该漏洞属于远程代码执行漏洞。此漏洞的根本原因在于 <code>convertCSVtoParquet.php</code> 端点缺乏输入验证。这使得未经身份验证的攻击者能够利用特殊字符注入操作系统命令。
提供机构:
pentest-tools.com
