CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fortinet: >> Fortivoice >> 7.0.3 Security Vulnerabilities

CVE-2024-40587

An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.

CVSS Score

6.7

EPSS Score

0.002

Published

2025-01-14

Page 2

Vulnerabilities

Vulnerable Software

Fortinet: >> Fortivoice >> 7.0.3 Security Vulnerabilities

Products

Pricing

Contact Us