HTTP: Palo Alto Networks Expedition regionsDiscovery.php Insecure Deserialization

This signature detects attempts to exploit a known vulnerability against Palo Alto Networks Expedition. A successful attack can lead to arbitrary code execution.

Extended Description

An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.

Short Name
HTTP:CTS:PALO-ALTO-EXPD-RGN-DIS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
Alto CVE-2025-0107 Deserialization Expedition Insecure Networks Palo regionsDiscovery.php
Release Date
02/05/2025
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version
3780
False Positive
Unknown
