Home
MEDIUM: 6.5 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H/E:P/RL:O/RC:CDefault status
unaffected
4.4.0 (semver)
affected
4.2.1 (semver)
affected
4.0.0 (semver)
affected
3.2.0 (semver)
affected
Description
Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE-78] in FortiSandbox before 4.4.5 allows a privileged attacker to execute unauthorized commands via crafted requests.
Problem types
Execute unauthorized code or commands
Product status
4.4.0 (semver)
4.2.1 (semver)
4.0.0 (semver)
3.2.0 (semver)
References
fortiguard.fortinet.com/psirt/FG-IR-24-110