Lucene search

K
FortinetFortisandbox

8 matches found

CVE
CVE
added 2024/04/09 3:15 p.m.46 views

CVE-2024-23671

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted HTTP requests.

8.1CVSS7.4AI score0.00827EPSS
CVE
CVE
added 2024/09/10 3:15 p.m.45 views

CVE-2024-31490

An exposure of sensitive information to an unauthorized actor in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.2 through 3.2.4 and 3.1.5 allows attacker to information disclosure via HTTP get requests.

6.5CVSS6.4AI score0.00171EPSS
CVE
CVE
added 2024/04/09 3:15 p.m.43 views

CVE-2024-21756

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted requests..

8.8CVSS7.5AI score0.00771EPSS
CVE
CVE
added 2024/04/09 3:15 p.m.42 views

CVE-2024-21755

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted requests..

8.8CVSS7.5AI score0.00771EPSS
CVE
CVE
added 2024/04/09 3:15 p.m.40 views

CVE-2024-31487

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2.4...

6.5CVSS6.3AI score0.00389EPSS
CVE
CVE
added 2024/05/14 5:17 p.m.38 views

CVE-2024-31491

A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 through 4.4.4 and 4.2.0 through 4.2.6 allows attacker to execute unauthorized code or commands via HTTP requests.

8.8CVSS7.5AI score0.00642EPSS
CVE
CVE
added 2024/04/09 3:15 p.m.35 views

CVE-2023-47540

An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 through 4.4.2 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.0.5 through 3.0.7 may allows attacker to execute unauthorized code or comm...

6.7CVSS6.9AI score0.00095EPSS
CVE
CVE
added 2024/04/09 3:15 p.m.33 views

CVE-2023-47541

An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.2 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 and 2.5.0 through 2.5.2 and 2.4.0 through 2....

6.7CVSS7.4AI score0.00097EPSS