A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 through 4.4.3 and 4.2.0 through 4.2.6 and 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-454 |
History
Mon, 23 Dec 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Fortinet
Fortinet fortisandbox |
|
CPEs | cpe:2.3:a:fortinet:fortisandbox:*:*:*:*:*:*:*:* | |
Vendors & Products |
Fortinet
Fortinet fortisandbox |
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2024-04-09T14:24:20.543Z
Updated: 2024-08-22T19:57:13.149Z
Reserved: 2024-01-19T08:23:28.613Z
Link: CVE-2024-23671
Vulnrichment
Updated: 2024-08-01T23:06:25.350Z
NVD
Status : Analyzed
Published: 2024-04-09T15:15:31.560
Modified: 2024-12-23T15:04:06.610
Link: CVE-2024-23671
Redhat
No data.