Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisandbox 4.0.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-27487
A improper privilege management in Fortinet FortiSandbox version 4.2.0 up to and including 4.2.2, 4.0.0 up to and including 4.0.2 and prior to 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 up to and including 4.0.2 and prior to 3.3.3 allows a remote authenticated malicious user to...
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor
Fortinet Fortisandbox
8.8
CVSSv3
CVE-2021-26096
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox prior to 4.0.0 may allow an authenticated malicious user to manipulate memory and alter its content by means of specifically crafted command line arguments.
Fortinet Fortisandbox
7.5
CVSSv3
CVE-2023-41682
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 2.5.0 up to and including 2.5.2 and 2....
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
7.5
CVSSv3
CVE-2022-26115
A use of password hash with insufficient computational effort vulnerability [CWE-916] in FortiSandbox prior to 4.2.0 may allow an attacker with access to the password database to efficiently mount bulk guessing attacks to recover the passwords.
Fortinet Fortisandbox 3.2.2
Fortinet Fortisandbox 4.0.0
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
Fortinet Fortisandbox 3.2.3
Fortinet Fortisandbox 4.0.1
Fortinet Fortisandbox 4.0.2
7.5
CVSSv3
CVE-2022-30305
An insufficient logging [CWE-778] vulnerability in FortiSandbox versions 4.0.0 to 4.0.2, 3.2.0 to 3.2.3 and 3.1.0 to 3.1.5 and FortiDeceptor versions 4.2.0, 4.1.0 up to and including 4.1.1, 4.0.0 up to and including 4.0.2, 3.3.0 up to and including 3.3.3, 3.2.0 up to and includin...
Fortinet Fortideceptor 3.1.0
Fortinet Fortisandbox 3.2.2
Fortinet Fortisandbox 3.2.0
Fortinet Fortisandbox 3.2.1
Fortinet Fortideceptor 3.1.1
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor 4.1.1
Fortinet Fortideceptor 4.2.0
Fortinet Fortideceptor
Fortinet Fortisandbox
Fortinet Fortisandbox 3.2.3
7.5
CVSSv3
CVE-2021-26098
An instance of small space of random values in the RPC API of FortiSandbox prior to 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.
Fortinet Fortisandbox
6.5
CVSSv3
CVE-2022-27485
A improper neutralization of special elements used in an sql command ('sql injection') vulnerability [CWE-89] in Fortinet FortiSandbox version 4.2.0, 4.0.0 up to and including 4.0.2, 3.2.0 up to and including 3.2.3, 3.1.x and 3.0.x allows a remote and authenticated atta...
Fortinet Fortisandbox
Fortinet Fortisandbox 4.2.0
6.1
CVSSv3
CVE-2023-41680
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and includ...
Fortinet Fortisandbox
Fortinet Fortisandbox 2.4.1
6.1
CVSSv3
CVE-2023-41681
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and includ...
Fortinet Fortisandbox
Fortinet Fortisandbox 2.4.1
6.1
CVSSv3
CVE-2023-41836
An improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.0 and 4.2.0 up to and including 4.2.4, and 4.0.0 up to and including 4.0.4 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and including 3.1....
Fortinet Fortisandbox
Fortinet Fortisandbox 4.4.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »