{"vulnerability": "CVE-2025-0103", "sightings": [{"uuid": "88b9a9d3-3592-49f7-958e-b9f25e4fcefe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0103", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfgqkz4ywv2i", "content": "", "creation_timestamp": "2025-01-11T03:16:09.551852Z"}, {"uuid": "9dc74f6f-b3be-418a-b1bf-35860a167de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0103", "type": "seen", "source": "https://t.me/ics_cert/997", "content": "Palo Alto Networks Expedition Configuration Tool \u0628\u0647 \u062f\u0644\u06cc\u0644 \u0639\u062f\u0645 \u0645\u062d\u0627\u0641\u0638\u062a \u0627\u0632 \u0633\u0627\u062e\u062a\u0627\u0631 \u067e\u0631\u0633 \u0648 \u062c\u0648\u06cc SQL \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631 \u0627\u0633\u062a.  \n\n\u0628\u0647\u0631\u0647 \u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc \u0645\u06cc \u062a\u0648\u0627\u0646\u062f \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u062f\u0647\u062f \u062a\u0627 \u0645\u062d\u062a\u0648\u06cc\u0627\u062a \u067e\u0627\u06cc\u06af\u0627\u0647 \u062f\u0627\u062f\u0647 \u0627\u0628\u0632\u0627\u0631 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u0641\u0627\u0634 \u06a9\u0646\u062f \u0648 \u0647\u0645\u0686\u0646\u06cc\u0646 \u0628\u0627 \u0627\u0631\u0633\u0627\u0644 \u06cc\u06a9 \u067e\u0631\u0633 \u0648 \u062c\u0648\u06cc SQL \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u062e\u0627\u0635\u060c \u0628\u0647 \u0646\u0648\u0634\u062a\u0646 \u0648 \u062e\u0648\u0627\u0646\u062f\u0646 \u0641\u0627\u06cc\u0644 \u0647\u0627\u06cc \u062f\u0644\u062e\u0648\u0627\u0647 \u062f\u0633\u062a\u0631\u0633\u06cc \u067e\u06cc\u062f\u0627 \u06a9\u0646\u062f.\n\n BDU:2025-00155\n CVE-2025-0103\n\n \u0646\u0635\u0628 \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0627\u0632 \u0645\u0646\u0627\u0628\u0639 \u0642\u0627\u0628\u0644 \u0627\u0639\u062a\u0645\u0627\u062f \u060c \u062a\u0648\u0635\u06cc\u0647 \u0645\u06cc \u0634\u0648\u062f \u0628\u0647 \u0631\u0648\u0632 \u0631\u0633\u0627\u0646\u06cc \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631 \u0631\u0627 \u062a\u0646\u0647\u0627 \u067e\u0633 \u0627\u0632 \u0627\u0631\u0632\u06cc\u0627\u0628\u06cc \u062a\u0645\u0627\u0645 \u062e\u0637\u0631\u0627\u062a \u0645\u0631\u062a\u0628\u0637 \u0646\u0635\u0628 \u06a9\u0646\u06cc\u062f.\n\n \u0627\u0642\u062f\u0627\u0645\u0627\u062a \u062c\u0628\u0631\u0627\u0646\u06cc:\n - \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0627\u0628\u0632\u0627\u0631\u0647\u0627\u06cc \u0641\u0627\u06cc\u0631\u0648\u0627\u0644 \u062f\u0631 \u0633\u0637\u062d \u0628\u0631\u0646\u0627\u0645\u0647 \u0648\u0628 \u0628\u0631\u0627\u06cc \u062c\u0644\u0648\u06af\u06cc\u0631\u06cc \u0627\u0632 \u062a\u0644\u0627\u0634 \u0628\u0631\u0627\u06cc \u0645\u0639\u0631\u0641\u06cc \u062a\u0632\u0631\u06cc\u0642 SQL.\n - \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u0644\u06cc\u0633\u062a \u0633\u0641\u06cc\u062f \u0622\u062f\u0631\u0633 \u0647\u0627\u06cc IP \u0628\u0631\u0627\u06cc \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u0646\u0631\u0645 \u0627\u0641\u0632\u0627\u0631\u0647\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631.\n - \u0645\u062d\u062f\u0648\u062f \u06a9\u0631\u062f\u0646 \u062f\u0633\u062a\u0631\u0633\u06cc \u0628\u0647 \u062f\u0633\u062a\u06af\u0627\u0647 \u0647\u0627 \u0627\u0632 \u0634\u0628\u06a9\u0647 \u0647\u0627\u06cc \u062e\u0627\u0631\u062c\u06cc (\u0627\u06cc\u0646\u062a\u0631\u0646\u062a).\n\n \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 \u062a\u0648\u0635\u06cc\u0647 \u0647\u0627\u06cc \u0633\u0627\u0632\u0646\u062f\u0647:\n https://security.paloaltonetworks.com/PAN-SA-2025-0001\n\n\ud83d\udc48 \u0646\u0638\u0631\u0627\u062a \u0648 \u062a\u062c\u0631\u0628\u06cc\u0627\u062a \u0634\u0645\u0627 \u0627\u0631\u0632\u0634\u0645\u0646\u062f \u0627\u0633\u062a - \u0644\u0637\u0641\u0627 \u0622\u0646\u0631\u0627 \u0628\u0647 \u0627\u0634\u062a\u0631\u0627\u06a9 \u0628\u06af\u0630\u0627\u0631\u06cc\u062f. \n\ud83c\udfed \u0648\u0628\u0633\u0627\u06cc\u062a \u0648 \u06a9\u0627\u0646\u0627\u0644 \u062a\u062e\u0635\u0635\u06cc \u0627\u0645\u0646\u06cc\u062a \u0632\u06cc\u0631\u0633\u0627\u062e\u062a\u0647\u0627\u06cc \u0627\u062a\u0648\u0645\u0627\u0633\u06cc\u0648\u0646 \u0648 \u06a9\u0646\u062a\u0631\u0644 \u0635\u0646\u0639\u062a\u06cc\n\ud83d\udc6e\ud83c\udffd\u200d\u2640\ufe0f\u0647\u0631\u06af\u0648\u0646\u0647 \u0627\u0646\u062a\u0634\u0627\u0631 \u0648 \u0630\u06a9\u0631 \u0645\u0637\u0627\u0644\u0628 \u0628\u062f\u0648\u0646 \u0630\u06a9\u0631 \u062f\u0642\u06cc\u0642 \u0645\u0646\u0628\u0639 \u0648 \u0622\u062f\u0631\u0633 \u0644\u06cc\u0646\u06a9 \u0622\u0646 \u0645\u0645\u0646\u0648\u0639 \u0627\u0633\u062a. \n\u0627\u062f\u0645\u06cc\u0646:\n\u200fhttps://t.me/pedram_kiani\n\u06a9\u0627\u0646\u0627\u0644 \u062a\u0644\u06af\u0631\u0627\u0645:\nhttps://t.me/ics_cert\n\u06af\u0631\u0648\u0647 \u0648\u0627\u062a\u0633 \u0622\u067e :\nhttps://chat.whatsapp.com/FpB620AWEeSKvd8U6cFh33", "creation_timestamp": "2025-01-21T16:32:22.000000Z"}, {"uuid": "9d11adee-4fb9-46aa-a521-4a608bc14ada", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0103", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1270", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0103\n\ud83d\udd39 Description: An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system.\n\ud83d\udccf Published: 2025-01-11T02:59:51.177Z\n\ud83d\udccf Modified: 2025-01-11T02:59:51.177Z\n\ud83d\udd17 References:\n1. https://security.paloaltonetworks.com/PAN-SA-2025-0001", "creation_timestamp": "2025-01-11T04:04:12.000000Z"}, {"uuid": "d87fa314-437b-40a3-b398-ded0ba219948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0103", "type": "seen", "source": "https://t.me/cvedetector/15020", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-0103 - Palo Alto Networks Expedition SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-0103 \nPublished : Jan. 11, 2025, 3:15 a.m. | 28\u00a0minutes ago \nDescription : An SQL injection vulnerability in Palo Alto Networks Expedition enables an authenticated attacker to reveal Expedition database contents, such as password hashes, usernames, device configurations, and device API keys. This vulnerability also enables attackers to create and read arbitrary files on the Expedition system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T04:53:12.000000Z"}, {"uuid": "d2125bf2-d8f2-4982-baf1-be37e7a5ea54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0103", "type": "seen", "source": "Telegram/Vnw3TbYrbaxjToiNpLHPY0jkdxCo1g9fXycdOBIOZ_9-M0o", "content": "", "creation_timestamp": "2025-01-11T05:01:03.000000Z"}]}