Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisandbox vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-31491
A client-side enforcement of server-side security in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.4 and 4.2.0 up to and including 4.2.6 allows malicious user to execute unauthorized code or commands via HTTP requests.
NA
CVE-2024-23671
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.3 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.4 allows malicious user to execute unauthorized code o...
NA
CVE-2024-31487
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.4 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to ...
NA
CVE-2024-21755
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.3 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.4 allows malicious user to execute unautho...
NA
CVE-2024-21756
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.3 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.4 allows malicious user to execute unautho...
NA
CVE-2023-47540
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.2 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and...
NA
CVE-2023-47541
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.2 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to...
5.4
CVSSv3
CVE-2023-41844
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and includ...
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
Fortinet Fortisandbox 4.4.1
Fortinet Fortisandbox 4.4.2
5.4
CVSSv3
CVE-2023-45587
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and inclu...
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
Fortinet Fortisandbox 4.4.1
Fortinet Fortisandbox 4.4.2
6.1
CVSSv3
CVE-2023-41836
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 up to and including 4.2.4, and 4.0.0 up to and including 4.0.4 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and including 3.1....
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-30310
CVE-2024-21683
CVE-2024-22187
chrome
deserialization
XPath injection
CVE-2024-27842
denial of service
CVE-2024-24851
google
CVE-2024-35400
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »