CVE-2024-48891 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 thr…
High CVSS: 7.0

CVE-2024-48891

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiSOAR 7.6.0 through 7.6.1, 7.5.0 through 7.5.1, 7.4 all versions, 7.3 all versions may allow an attacker who has already obtained a non-login low privileged shell access (via another hypothetical vulnerability) to perform a local privilege escalation via crafted commands.
Vendor
Fortinet
Product
Fortisoar
CWE
CWE-78
Yayın Tarihi
2025-10-14 16:15:35
Güncelleme
2025-10-15 17:36:33
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-78 Fortisoar HIGH Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-24-412