A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted requests..
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-489 |
History
Mon, 23 Dec 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
CPEs | cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:24.441Z
Updated: 2024-08-01T22:27:36.316Z
Reserved: 2024-01-02T10:15:00.526Z
Link: CVE-2024-21756
Vulnrichment
Updated: 2024-07-31T18:07:16.570Z
NVD
Status : Analyzed
Published: 2024-04-09T15:15:31.173
Modified: 2024-12-23T15:02:00.357
Link: CVE-2024-21756
Redhat
No data.