cbcvebase.
CVE-2018-10143
published 2018-12-12

CVE-2018-10143: The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on…

PriorityP273critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EPSS
24.85%
97.6th percentile
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.

Affected

3 ranges
VendorProductVersion rangeFixed in
palo_alto_networkspalo_alto_networks_expedition
paloaltoexpedition
paloaltonetworksexpedition

Detection & IOCsextracted from sources · hover to see the quote

  • Target application is Palo Alto Networks Expedition Migration Tool version 1.0.107 and earlier; any unauthenticated remote request resulting in OS command execution against this service should be treated as exploitation of this vulnerability.
  • ·No workaround is available; the only remediation is upgrading to Expedition 1.0.108 or later.
  • ·Exploitation requires no authentication, meaning network-level access controls (e.g., firewall rules restricting access to the Expedition service) are the only compensating control prior to patching.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.