A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted requests..
References
History

Mon, 23 Dec 2024 15:30:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:*

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2024-04-09T14:24:24.441Z

Updated: 2024-08-01T22:27:36.316Z

Reserved: 2024-01-02T10:15:00.526Z

Link: CVE-2024-21756

cve-icon Vulnrichment

Updated: 2024-07-31T18:07:16.570Z

cve-icon NVD

Status : Analyzed

Published: 2024-04-09T15:15:31.173

Modified: 2024-12-23T15:02:00.357

Link: CVE-2024-21756

cve-icon Redhat

No data.