3 matches found
CVE-2021-26097
An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTT...
CVE-2021-26097
An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTT...
CVE-2021-26097
FortiSandbox has an OS command injection flaw (CVE-2021-26097) affecting 3.2.0–3.2.2, 3.1.0–3.1.4, and 3.0.0–3.0.6. The issue arises from improper neutralization of special elements in OS command handling, enabling an authenticated attacker with web GUI access to execute unauthorized code or comm...