4 matches found
Exploit for OS Command Injection in Fortinet Fortisiem
CVE-2023-34992: Fortinet FortiSIEM Unauthenticated Command Inj...
Critical Patches Released for New Flaws in Cisco, Fortinet, VMware Products
Cisco, Fortinet, and VMware have released security fixes for multiple security vulnerabilities, including critical weaknesses that could be exploited to perform arbitrary actions on affected devices. The first set from Cisco consists of three flaws – CVE-2024-20252 and CVE-2024-20254 CVSS score:...
CVE-2023-34992
creationtimestamp| type| source ---|---|--- 2023-11-17 09:49:29+00:00| seen| https://t.me/truesecator/5096 2024-02-07 14:20:05+00:00| seen| https://t.me/truesecator/5386 2024-02-08 16:26:19+00:00| seen| https://t.me/kasperskyb2b/1130 2024-05-21 06:28:48+00:00| published-proof-of-concept|...
CVE-2023-34992
CVE-2023-34992 affects Fortinet FortiSIEM (report server) with an OS command injection via crafted API requests. Root cause: improper neutralization of special elements in OS command handling (CWE-78). Impact: remote unauthenticated attacker can execute arbitrary commands, potentially as root, on...