Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fortinet fortisandbox 4.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-41680
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and includ...
Fortinet Fortisandbox
Fortinet Fortisandbox 2.4.1
NA
CVE-2023-41681
A improper neutralization of input during web page generation ('cross-site scripting') in Fortinet FortiSandbox version 4.4.1 and 4.4.0 and 4.2.0 up to and including 4.2.5 and 4.0.0 up to and including 4.0.3 and 3.2.0 up to and including 3.2.4 and 3.1.0 up to and includ...
Fortinet Fortisandbox
Fortinet Fortisandbox 2.4.1
NA
CVE-2022-27487
A improper privilege management in Fortinet FortiSandbox version 4.2.0 up to and including 4.2.2, 4.0.0 up to and including 4.0.2 and prior to 3.2.3 and FortiDeceptor version 4.1.0, 4.0.0 up to and including 4.0.2 and prior to 3.3.3 allows a remote authenticated malicious user to...
Fortinet Fortideceptor 4.1.0
Fortinet Fortideceptor
Fortinet Fortisandbox
4.3
CVSSv2
CVE-2021-24014
Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox prior to 4.0.0 may allow an unauthenticated malicious user to perform an XSS attack via specifically crafted request parameters.
Fortinet Fortisandbox
6.5
CVSSv2
CVE-2021-26096
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox prior to 4.0.0 may allow an authenticated malicious user to manipulate memory and alter its content by means of specifically crafted command line arguments.
Fortinet Fortisandbox
5
CVSSv2
CVE-2021-26098
An instance of small space of random values in the RPC API of FortiSandbox prior to 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.
Fortinet Fortisandbox
NA
CVE-2024-23671
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.3 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.4 allows malicious user to execute unauthorized code o...
NA
CVE-2024-21755
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.3 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.4 allows malicious user to execute unautho...
NA
CVE-2024-21756
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.3 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.4 allows malicious user to execute unautho...
NA
CVE-2023-47540
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSandbox version 4.4.0 up to and including 4.4.2 and 4.2.0 up to and including 4.2.6 and 4.0.0 up to and including 4.0.5 and 3.2.0 up to and including 3.2.4 and...
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »