A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-454 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:20.543Z
Updated: 2024-08-22T19:57:13.149Z
Reserved: 2024-01-19T08:23:28.613Z
Link: CVE-2024-23671
Vulnrichment
Updated: 2024-08-01T23:06:25.350Z
NVD
Status : Awaiting Analysis
Published: 2024-04-09T15:15:31.560
Modified: 2024-04-10T13:24:22.187
Link: CVE-2024-23671
Redhat
No data.