An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unauthorized code or commands via specifically crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-20-198 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2021-08-04T15:54:53
Updated: 2024-08-03T20:19:19.826Z
Reserved: 2021-01-25T00:00:00
Link: CVE-2021-26097
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-08-04T16:15:08.287
Modified: 2021-08-10T23:37:41.523
Link: CVE-2021-26097
Redhat
No data.