CVE-2024-56497 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 throu…
Medium CVSS: 6.7

CVE-2024-56497

An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiMail versions 7.2.0 through 7.2.4 and 7.0.0 through 7.0.6 and 6.4.0 through 6.4.7, FortiRecorder versions 7.0.0 and 6.4.0 through 6.4.4 allows attacker to execute unauthorized code or commands via the CLI.
Vendor
Fortinet
Product
Fortimail
CWE
CWE-78
Yayın Tarihi
2025-01-14 14:15:34
Güncelleme
2025-02-03 20:49:01
Source Identifier
psirt@fortinet.com
KEV Date Added
-

Kategoriler

CWE-78 Fortimail MEDIUM Fortinet 2025

Referanslar

https://fortiguard.fortinet.com/psirt/FG-IR-23-170