A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted requests..
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-489 |
History
Mon, 23 Dec 2024 15:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:25.073Z
Updated: 2024-08-01T22:27:36.253Z
Reserved: 2024-01-02T10:15:00.526Z
Link: CVE-2024-21755
Vulnrichment
Updated: 2024-07-31T18:19:33.130Z
NVD
Status : Analyzed
Published: 2024-04-09T15:15:30.977
Modified: 2024-12-23T14:58:10.797
Link: CVE-2024-21755
Redhat
No data.