An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.2 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4.1 and 2.3.0 through 2.3.3 and 2.2.0 through 2.2.2 and 2.1.0 through 2.1.3 and 2.0.0 through 2.0.3 allows attacker to execute unauthorized code or commands via CLI.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-416 |
History
Mon, 23 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet
Fortinet fortisandbox |
|
CPEs | cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* | |
Vendors & Products |
Fortinet
Fortinet fortisandbox |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:20.501Z
Updated: 2024-08-02T21:09:37.349Z
Reserved: 2023-11-06T10:35:25.828Z
Link: CVE-2023-47541
Vulnrichment
Updated: 2024-08-02T21:09:37.349Z
NVD
Status : Analyzed
Published: 2024-04-09T15:15:28.020
Modified: 2024-12-23T14:57:00.153
Link: CVE-2023-47541
Redhat
No data.