SecuriTricks - CVE-2025-0106

Product(s) Impacted

Palo Alto Networks Expedition

Description

A wildcard expansion vulnerability in Palo Alto Networks Expedition allows an unauthenticated attacker to enumerate files on the host filesystem.

Weaknesses

CWE-155

Improper Neutralization of Wildcards or Matching Symbols

The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as wildcards or matching symbols when they are sent to a downstream component.

CWE ID: 155

Date

Published: Jan. 11, 2025, 3:15 a.m.

Last Modified: Jan. 11, 2025, 3:15 a.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

psirt@paloaltonetworks.com

CVE-2025-0106

Tags

Product(s) Impacted

Description

Weaknesses

CWE-155

Improper Neutralization of Wildcards or Matching Symbols

Date

Status : Awaiting Analysis

Source

References

CVE-2025-0106

Tags

Product(s) Impacted

Description

Weaknesses

CWE-155

Improper Neutralization of Wildcards or Matching Symbols

Date

Status : Awaiting Analysis

Source

References

Share