A remote command injection vulnerability has been identified in Palo Alto Expedition (Migration Tool) . Expedition tool is used for moving firewall configurations from another vendor to Palo Alto’s product. It makes the conversion process easier to accomplish. MITRE has assigned CVE-2018-10143 for this vulnerability. Vulnerability Analysis: This vulnerability exists in convertCSVtoParquet.php which accepts user controlled input in a path … Continue reading “Palo Alto Networks Expedition (Migration Tool) Unauthenticated Command Injection Vulnerability”