PT-2018-2009 · Palo Alto Networks · Palo Alto Networks Expedition Migration Tool
Reginald Dodd
Published: 2018-12-11
Updated: 2020-02-17
CVE-2018-10143
CVSS v3.1: 10 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
Palo Alto Networks Expedition Migration tool version 1.0.107 and earlier
Description
The issue allows an unauthenticated attacker with remote access to run system-level commands on the device hosting the service/application. It is due to insufficient input validation in the Palo Alto Networks Migration Tool, which can be exploited by a local attacker to execute arbitrary code with system privileges using a specially crafted request.
Recommendations
For version 1.0.107 and earlier, update to a newer version to mitigate the risk.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
RCE
Improper Privilege Management
Related identifiers
Affected products
Palo Alto Networks Expedition Migration Tool