exploitDog

GHSA-743h-33qg-wchq

Опубликовано: 11 мар. 2025

Источник: github

Github: Не прошло ревью

CVSS3: 4.3

Описание

A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

Ссылки

EPSS

Процентиль: 33%

0.00134

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-602

Связанные уязвимости

CVE-2024-52960

CVSS3: 4.3

nvd

11 месяцев назад

A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

BDU:2025-03633

CVSS3: 4.3

fstec

11 месяцев назад

Уязвимость компонента GUI системы выявления и устранения угроз FortiSandbox, позволяющая нарушителю выполнять произвольные команды

EPSS

Процентиль: 33%

0.00134

Низкий

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-602