ГлавнаяУязвимости → CVE-2024-23671
8.1высокая

CVE-2024-23671

Описание

A improper limitation of a pathname to a restricted directory ('path traversal') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.3, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0.0 through 4.0.4 allows attacker to execute unauthorized code or commands via crafted HTTP requests.

Затрагиваемое ПО
Fortinet Fortisandbox
CVSS
Балл8.1 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Источники
https://fortiguard.com/psirt/FG-IR-23-454https://fortiguard.com/psirt/FG-IR-23-454