Vulnerability CVE-2024-23109


Published: 2024-02-05

Description:
An improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiSIEM version 7.1.0 through 7.1.1 and 7.0.0 through 7.0.2 and 6.7.0 through 6.7.8 and 6.6.0 through 6.6.3 and 6.5.0 through 6.5.2 and 6.4.0 through 6.4.2 allows attacker to execute unauthorized code or commands via via crafted API requests.

 References:
https://fortiguard.com/psirt/FG-IR-23-130

Copyright 2026, cxsecurity.com

 

Back to Top