CVE-2024-52960
4.3MEDIUMA client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least re
Опубликовано: 3/11/2025Обновлено: 7/24/2025
Описание
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.
ИИ-АнализНа базе ИИ
Затронутые продукты
fortinetfortisandbox
fortinetfortisandbox
fortinetfortisandbox
5.0.0
Ссылки
- https://fortiguard.fortinet.com/psirt/FG-IR-24-305Vendor Advisory