CVE-2024-52960
- EPSS 0.13%
- Veröffentlicht 11.03.2025 14:54:35
- Zuletzt bearbeitet 24.07.2025 18:39:01
A client-side enforcement of server-side security vulnerability [CWE-602] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized command...
CVE-2024-52961
- EPSS 0.16%
- Veröffentlicht 11.03.2025 14:54:30
- Zuletzt bearbeitet 14.01.2026 15:15:55
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] vulnerability in Fortinet FortiSandbox 5.0.0, FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2.1 through 4.2.7, FortiSandbox 4.0.0 through 4.0.5, FortiSandb...
CVE-2024-45328
- EPSS 0.03%
- Veröffentlicht 11.03.2025 14:54:28
- Zuletzt bearbeitet 24.07.2025 16:35:03
An incorrect authorization vulnerability [CWE-863] in FortiSandbox 4.4.0 through 4.4.6 may allow a low priviledged administrator to execute elevated CLI commands via the GUI console menu.
- EPSS 0.27%
- Veröffentlicht 11.02.2025 17:15:21
- Zuletzt bearbeitet 14.01.2026 14:16:10
An improper neutralization of input during web page generation ('cross-site scripting') vulnerability in Fortinet FortiSandbox 4.4.0 through 4.4.4, FortiSandbox 4.2.1 through 4.2.6, FortiSandbox 4.0.0 through 4.0.4, FortiSandbox 3.2 all versions, For...