Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiSandbox SQL注入漏洞
Vulnerability Description
Fortinet FortiSandbox是美国飞塔(Fortinet)公司的一款APT(高级持续性威胁)防护设备。该设备提供双重沙盒技术、动态威胁智能系统、实时控制面板和报告等功能。 Fortinet FortiSandbox 存在SQL注入漏洞,该漏洞源于产品未能过滤输入数据中的特殊字符。攻击者可通过该漏洞执行非法SQL语句。以下产品及版本受到影响: Fortinet FortiSandbox 3.1.0 至 3.1.4,Fortinet FortiSandbox 3.2.0 至 3.2.1 版本。
CVSS Information
N/A
Vulnerability Type
N/A