Forum Discussion

Bronze III

10 months ago

Solved

CVE-2024-5910 (Palo Alto Expedition) – Defensive

Hello - I'm a bit stuck on CVE-2024-5910 (Palo Alto Expedition) – Defensive I cannot see an obvious answer to After attempting to reset the admin credentials, which endpoint did the attacker att...

defensive cyber

BarnyStewart
9 months ago
Hi GusC

Each time the attacker attempts to reset the admin password (using the PHP file identified in task 2), they access the same endpoint immediately afterwards - which endpoint is it?

Hope that helps!

TillyCorless

Community Manager

9 months ago

Hi GusC , I'll speak with the lab author and come back to you.

Thanks!

veryk

Bronze II

2 months ago

I agree with GusC here, I was looking for an end point, hostname, URL, not what the answer was. Not until I read your hint did I even think about that could be the answer. Endpoint shouldn't be used and swapped out with what the answer is or at least added in to the question.

Forum Discussion

CVE-2024-5910 (Palo Alto Expedition) – Defensive

Featured Places

Help & Support Forum

Related Content

CVE-2024-5910: Understanding the Critical Expedition Vulnerability

CVE-2020-11651 (SaltStack RCE) – Defensive

CVE-2022-29799/CVE-2022-29800 (Nimbuspwn) – Defensive

New CTI Labs: Palo Alto Expedition Critical Vulnerabilities

New CTI Labs: BadSuccessor: Offensive and Defensive

Recent Discussions

Foundational Static Analysis: API Analysis step 10

copy-paste-compromise-malicious-documents-analysis

Brute Ratel: Extracting Indicators of Compromise

Microsoft Defender for Cloud: Inventory, Resource Health and Recommendations.

Snort Rules: Ep.9 – Exploit Kits