5 matches found
CVE-2024-48889
An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below,...
CVE-2024-48889
An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below,...
CVE-2024-48889
creationtimestamp| type| source ---|---|--- 2024-12-18 12:48:44+00:00| seen| https://infosec.exchange/users/cve/statuses/113673904046655801 2024-12-18 15:22:11+00:00| seen| https://t.me/cvedetector/13202 2024-12-18 20:19:24+00:00| seen|...
CVE-2024-48889
FortiManager OS Command Injection (CVE-2024-48889) affects FortiManager and FortiManager Cloud across multiple versions (e.g., 7.6.0, 7.4.x, 7.2.x, 7.0.x, 6.4.x) via FGFM crafted requests. Root cause: improper neutralization of special elements in OS commands, enabling an authenticated remote att...
CVE-2024-48889
An Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager version 7.6.0, version 7.4.4 and below, version 7.2.7 and below, version 7.0.12 and below, version 6.4.14 and below and FortiManager Cloud version 7.4.4 and below,...