exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 3

CVE-2024-52961

11 месяцев назад

An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2.1 through 4.2.7, FortiSandbox 4.0.0 through 4.0.5, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

CVSS3: 8.8

EPSS: Низкий

GHSA-mvc2-5crr-f7g7

11 месяцев назад

An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.7, 4.2.0 through 4.2.7 and before 4.0.5 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

CVSS3: 8.8

EPSS: Низкий

BDU:2025-03632

11 месяцев назад

Уязвимость компонента GUI системы выявления и устранения угроз FortiSandbox, позволяющая нарушителю выполнять произвольные команды

CVSS3: 8.8

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-52961 An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2.1 through 4.2.7, FortiSandbox 4.0.0 through 4.0.5, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.	CVSS3: 8.8	0% Низкий	11 месяцев назад
GHSA-mvc2-5crr-f7g7 An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.7, 4.2.0 through 4.2.7 and before 4.0.5 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.	CVSS3: 8.8	0% Низкий	11 месяцев назад
BDU:2025-03632 Уязвимость компонента GUI системы выявления и устранения угроз FortiSandbox, позволяющая нарушителю выполнять произвольные команды	CVSS3: 8.8	0% Низкий	11 месяцев назад

Уязвимостей на страницу