CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Fortinet: >> Fortisandbox >> 4.4.6 Security Vulnerabilities

CVE-2024-52961

An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2.1 through 4.2.7, FortiSandbox 4.0.0 through 4.0.5, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.

CVSS Score

8.8

EPSS Score

0.002

Published

2025-03-11

CVE-2024-45328

An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu.

CVSS Score

7.8

EPSS Score

0.0

Published

2025-03-11

Page 2

Vulnerabilities

Vulnerable Software

Fortinet: >> Fortisandbox >> 4.4.6 Security Vulnerabilities

Products

Pricing

Contact Us