Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple improper neutralization of special elements of SQL commands vulnerabilities in FortiMail before 6.4.4 may allow a non-authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
N/A
Vulnerability Title
Fortinet FortiMail SQL注入漏洞
Vulnerability Description
Fortinet FortiMail是美国飞塔(Fortinet)公司的一套电子邮件安全网关产品。该产品提供电子邮件安全防护和数据保护等功能。 FortiMail 存在安全漏洞,该漏洞源于6.4.4版本之前的FortiMail中SQL 命令的特殊元素存在多个不正确的中和漏洞。攻击者可利用该漏洞通过特制的 HTTP 请求执行未经授权的代码或命令。
CVSS Information
N/A
Vulnerability Type
N/A