Palo Alto Networks Expedition
Don't miss out!
Thousands of developers use stack.watch to stay informed.Get an email whenever new security vulnerabilities are reported in Palo Alto Networks Expedition.
By the Year
In 2026 there have been 0 vulnerabilities in Palo Alto Networks Expedition. Last year, in 2025 Expedition had 3 security vulnerabilities published. Right now, Expedition is on track to have less security vulnerabilities in 2026 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2026 | 0 | 0.00 |
| 2025 | 3 | 0.00 |
| 2024 | 6 | 6.37 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 3 | 4.80 |
| 2018 | 2 | 0.00 |
It may take a day or so for new Expedition vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Palo Alto Networks Expedition Security Vulnerabilities
Palo Alto Networks Expedition: OS Command Injection Exposes Credentials
CVE-2025-0107
- January 11, 2025
An OS command injection vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to run arbitrary OS commands as the www-data user in Expedition, which results in the disclosure of usernames, cleartext passwords, device configurations, and device API keys for firewalls running PAN-OS software.
Palo Alto Expedition: Unauth Deletion of www-data Files (CVE-2025-0105)
CVE-2025-0105
- January 11, 2025
An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.
Palo Alto Networks Expedition SQLi Exposes DB Hashes & API Keys
CVE-2025-0103
- January 11, 2025
An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.
Authenticated XSS in Palo Alto Expedition Web UI leads to session theft
CVE-2024-9467
6.1 - Medium
- October 09, 2024
A reflected XSS vulnerability in Palo Alto Networks Expedition enables execution of malicious JavaScript in the context of an authenticated Expedition user's browser if that user clicks on a malicious link, allowing phishing attacks that could lead to Expedition browser session theft.
XSS
Cleartext Storage of Sensitive Credentials in Palo Alto Networks Expedition
CVE-2024-9466
6.5 - Medium
- October 09, 2024
A cleartext storage of sensitive information vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to reveal firewall usernames, passwords, and API keys generated using those credentials.
Cleartext Storage of Sensitive Information
SQLi in Palo Alto Expedition DB leaks credentials & files
CVE-2024-9465
- October 09, 2024
An SQL injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. With this, attackers can also create and read arbitrary files on the Expedition system.
SQL Injection
OS Cmd Injection in Palo Alto Expedition Enables Root Execution
CVE-2024-9464
6.5 - Medium
- October 09, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Shell injection
OS cmd injection in Palo Alto Expedition runs as root
CVE-2024-9463
- October 09, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to run arbitrary OS commands as root in Expedition, resulting in disclosure of usernames, cleartext passwords, device configurations, and device API keys of PAN-OS firewalls.
Shell injection
Palo Alto Networks Expedition: Authentication Bypass Allows Admin Takeover
CVE-2024-5910
- July 10, 2024
Missing authentication for a critical function in Palo Alto Networks Expedition can lead to an Expedition admin account takeover for attackers with network access to Expedition. Note: Expedition is a tool aiding in configuration migration, tuning, and enrichment. Configuration secrets, credentials, and other data imported into Expedition is at risk due to this issue.
Missing Authentication for Critical Function
The Expedition Migration tool 1.1.8 and earlier may
CVE-2019-1571
4.8 - Medium
- March 26, 2019
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the RADIUS server settings.
XSS
The Expedition Migration tool 1.1.8 and earlier may
CVE-2019-1569
4.8 - Medium
- March 26, 2019
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the User Mapping Settings for account name of admin user.
XSS
The Expedition Migration tool 1.1.8 and earlier may
CVE-2019-1570
4.8 - Medium
- March 26, 2019
The Expedition Migration tool 1.1.8 and earlier may allow an authenticated attacker to run arbitrary JavaScript or HTML in the LDAP server settings.
XSS
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may
CVE-2018-10143
- December 12, 2018
The Palo Alto Networks Expedition Migration tool 1.0.107 and earlier may allow an unauthenticated attacker with remote access to run system level commands on the device hosting this service/application.
The Expedition Migration tool 1.0.106 and earlier may
CVE-2018-10142
- November 27, 2018
The Expedition Migration tool 1.0.106 and earlier may allow an unauthenticated attacker to enumerate files on the operating system.
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Palo Alto Networks Expedition or by Palo Alto Networks? Click the Watch button to subscribe.
