Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisandbox 3.2.0 vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv2
CVE-2021-22124
An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 up to and including 3.2.2, 3.1.0 up to and including 3.1.4, and 3.0.0 up to and including 3.0.6; and FortiAuthenticator prior to 6.0.6 may allow an unauthenticated ma...
Fortinet Fortiauthenticator
Fortinet Fortisandbox
6.5
CVSSv2
CVE-2020-29011
Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 up to and including 3.2.2, and 3.1.0 up to and including 3.1.4 may allow an authenticated malicious user to execute unauthorized code on the underlying SQL interpret...
Fortinet Fortisandbox
6.5
CVSSv2
CVE-2021-26097
An improper neutralization of special elements used in an OS Command vulnerability in FortiSandbox 3.2.0 up to and including 3.2.2, 3.1.0 up to and including 3.1.4, and 3.0.0 up to and including 3.0.6 may allow an authenticated attacker with access to the web GUI to execute unaut...
Fortinet Fortisandbox
5.5
CVSSv2
CVE-2020-29013
An improper input validation vulnerability in the sniffer interface of FortiSandbox prior to 3.2.2 may allow an authenticated malicious user to silently halt the sniffer via specifically crafted requests.
Fortinet Fortisandbox
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
4
CVSSv2
CVE-2021-24010
Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 up to and including 3.2.2, and 3.1.0 up to and including 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifially crafted web requests.
Fortinet Fortisandbox
NA
CVE-2023-47540
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.2 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and...
NA
CVE-2023-47541
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.2 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to...
NA
CVE-2024-31487
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.4 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to ...
NA
CVE-2023-41844
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and includ...
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
Fortinet Fortisandbox 4.4.1
Fortinet Fortisandbox 4.4.2
NA
CVE-2023-45587
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and inclu...
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
Fortinet Fortisandbox 4.4.1
Fortinet Fortisandbox 4.4.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »