| CVE编号 | CVE-2024-54026 |
|---|---|
| 发布日期 | 2025-03-11T14:54:38.660Z |
| 更新日期 | 2025-03-11T16:05:02.790Z |
| 状态 | PUBLISHED |
| 受影响的供应商 | Fortinet |
| 受影响的产品 | FortiSandbox |
| 描述 | An improper neutralization of special elements used in an sql command ('sql injection') in Fortinet FortiSandbox Cloud version 23.4, FortiSandbox at least 4.4.0 through 4.4.6 and 4.2.0 through 4.2.7 and 4.0.0 through 4.0.5 and 3.2.0 through 3.2.4 and 3.1.0 through 3.1.5 and 3.0.0 through 3.0.7 allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests. |
参考链接:
