Dernières alertes de sécurité
FortiSIEM - multiple path traversal vulnerabilities
> date : 2023-10-11 09:00:00
> lien :
https://fortiguard.fortinet.com/psirt/FG-IR-23-085
A relative path traversal vulnerability [CWE-23] in FortiSIEM file upload components may allow an authenticated, low privileged user of the FortiSIEM GUI to escalate their privilege and replace arbitrary files on the underlying filesystem via specifically crafted HTTP requests. [...]
FortiWLM - Unauthenticated command injection vulnerability
> date : 2023-10-10 09:00:00
> lien :
https://fortiguard.fortinet.com/psirt/FG-IR-23-140
Multiple improper neutralization of special elements used in an os command ("OS command injection") vulnerabilities [CWE-78] in FortiWLM may allow a remote unauthenticated attacker to execute unauthorized commands via specifically crafted http get request parameters. [...]
FortiWLM - Authenticated command injection vulnerability
> date : 2023-10-10 09:00:00
> lien :
https://fortiguard.fortinet.com/psirt/FG-IR-23-141
Multiple Improper neutralization of special elements used in an os command vulnerabilities [CWE-78] in FortiWLM may allow a remote authenticated attacker with low privilege to execute unauthorized commands via specifically crafted http get request parameters. [...]
FortiSIEM - Remote unauthenticated os command injection
> date : 2023-10-10 09:00:00
> lien :
https://fortiguard.fortinet.com/psirt/FG-IR-23-130
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in FortiSIEM supervisor may allow a remote unauthenticated attacker to execute unauthorized commands via crafted API requests. [...]
|
page précédente |
page 2 |
page suivante |
FortiSIEM - multiple path traversal vulnerabilities
Sécurité
Classement
