Today > 5 Critical | 36 High | 55 Medium | 1 Low vulnerabilities   -   You can now download lists of IOCs here!

CVE-2025-0105

Jan. 11, 2025, 3:15 a.m.

Tags

CWE-73
psirt@paloaltonetworks.com
2025-01-11
CVE-2025-0105

Product(s) Impacted

Palo Alto Networks Expedition

Description

An arbitrary file deletion vulnerability in Palo Alto Networks Expedition enables an unauthenticated attacker to delete arbitrary files accessible to the www-data user on the host filesystem.

Weaknesses

CWE-73
External Control of File Name or Path

The product allows user input to control or influence paths or file names that are used in filesystem operations.

CWE ID: 73

Date

Published: Jan. 11, 2025, 3:15 a.m.

Last Modified: Jan. 11, 2025, 3:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

psirt@paloaltonetworks.com

References

https://security.paloaltonetworks.com/ psirt@paloaltonetworks.com