CVE-2024-23671 — Vulnetix

CVE-2024-23671 PUBLISHED

Es besteht eine Schwachstelle in Fortinet FortiSandbox. Dieser Fehler besteht aufgrund eines Path Traversal Problems. Ein entfernter, authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um über manipulierte HTTP-Anfragen beliebige Dateien zu löschen.

EPSS 0.83% · 74.9th percentile

Risk Scores

EPSS Score

0.83%

74.9th percentile

Affected Products

Vendor	Product	Versions
Fortinet	Fortinet FortiSandbox <4.0.5
Fortinet	Fortinet FortiSandbox <4.2.7
Fortinet	Fortinet FortiSandbox <4.4.4
Fortinet	Fortinet FortiSandbox <4.4.3

Exploit Intelligence

https://fortiguard.com/psirt/FG-IR-23-489 (circl)

Timeline

Apr 9, 2024 CVE Published
Apr 10, 2024 EPSS Score
May 5, 2024 EPSS Score
May 30, 2024 EPSS Score
Jun 24, 2024 EPSS Score
Aug 14, 2024 EPSS Score
Sep 8, 2024 EPSS Score
Oct 3, 2024 EPSS Score
Oct 4, 2024 Coalition ESS Score
Oct 28, 2024 EPSS Score
Nov 22, 2024 EPSS Score
Nov 27, 2024 Coalition ESS Score

References

https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0835.json advisory
https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0835 advisory
https://fortiguard.fortinet.com/psirt/FG-IR-23-411 advisory
https://fortiguard.fortinet.com/psirt/FG-IR-23-416 advisory
https://fortiguard.fortinet.com/psirt/FG-IR-23-454 advisory
https://fortiguard.fortinet.com/psirt/FG-IR-23-489 advisory
https://fortiguard.fortinet.com/psirt/FG-IR-24-060 advisory

Open in Interactive Console →