- Description
- An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiManager versions 7.6.0 through 7.6.1, versions 7.4.5 through 7.4.0, and versions 7.2.1 through 7.2.8, FortiManager Cloud versions 7.6.0 through 7.6.1, versions 7.4.0 through 7.4.4, and versions 7.2.2 through 7.2.7 may allow an authenticated remote attacker to execute unauthorized code via crafted FGFM requests.
- Source
- psirt@fortinet.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- psirt@fortinet.com
- CWE-78
- Hype score
- Not currently trending
🚨 A critical vulnerability in FortiManager & FortiManager Cloud (versions 7.6.0-7.6.1, 7.4.0-7.4.5, 7.2.0-7.2.8) has finally been assigned a CVE: CVE-2024-50566. It allows authenticated attackers to execute unauthorized code. Patch released on Nov 15, update now! 🔒 #Infos
@Patrowl_io
15 Jan 2025
CVE-2024-50566 An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiManager versions 7.6.0 through 7.6.1, versions 7.4.5 thr… https://t.co/ZtgZVpPGNT
@CVEnew
14 Jan 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CBA16B3B-9767-4B61-BA35-2DDF70D66D09",
            "versionEndExcluding": "7.2.9",
            "versionStartIncluding": "7.2.1"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "24796E3A-DDCB-4949-9080-5DCEEECF0B6C",
            "versionEndExcluding": "7.4.6",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "241A8930-4ADA-4380-AA42-F10B28487595",
            "versionEndExcluding": "7.6.2",
            "versionStartIncluding": "7.6.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "57B085BA-AF25-4EE9-8EC6-BD588F3C90CF",
            "versionEndExcluding": "7.2.8",
            "versionStartIncluding": "7.2.2"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "9FBDCAD3-019A-4F46-AB5D-448E525E4E94",
            "versionEndExcluding": "7.4.5",
            "versionStartIncluding": "7.4.0"
          },
          {
            "criteria": "cpe:2.3:a:fortinet:fortimanager_cloud:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "3C4D647A-5EA1-4047-9E59-987FC8A74F0B",
            "versionEndExcluding": "7.6.2",
            "versionStartIncluding": "7.6.0"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]