CVE-2024-54026 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2 all versi…
Medium CVSS: 4.3

CVE-2024-54026

An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiSandbox 4.4.0 through 4.4.6, FortiSandbox 4.2 all versions, FortiSandbox 4.0 all versions, FortiSandbox 3.2 all versions, FortiSandbox 3.1 all versions, FortiSandbox 3.0 all versions, FortiSandbox Cloud 24.1 allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Vendor
Fortinet
Product
Fortisandbox
CWE
CWE-89
Yayın Tarihi
2025-03-11 15:15:43
Güncelleme
2026-01-14 15:15:55
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-89 Fortisandbox MEDIUM Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-24-353