{"vulnerability": "cve-2024-5296", "sightings": [{"uuid": "d450d693-5137-465d-9e85-ab1ffffb8e6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827709451403710", "content": "", "creation_timestamp": "2025-01-14T16:43:28.487371Z"}, {"uuid": "e75552d8-18dc-4210-a47c-8a1acb2db081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52967", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827709468427063", "content": "", "creation_timestamp": "2025-01-14T16:43:28.630163Z"}, {"uuid": "ccf0165b-839a-4b31-9e98-85c95fd55e0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgxcbdv42j", "content": "", "creation_timestamp": "2025-01-14T14:18:02.056647Z"}, {"uuid": "30fc2d33-4e4f-4989-9497-9ddbdd8a56ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827709483405357", "content": "", "creation_timestamp": "2025-01-14T16:43:28.911543Z"}, {"uuid": "6486399b-c31f-4b55-ad32-122f401935bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgxi3dqh2n", "content": "", "creation_timestamp": "2025-01-14T14:18:08.171803Z"}, {"uuid": "9153c04f-f100-42d0-aa99-992ff573e6bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfpief2bum2u", "content": "", "creation_timestamp": "2025-01-14T14:43:16.180218Z"}, {"uuid": "9a72f552-39ce-45bf-b266-4cc586c948f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:33.827545Z"}, {"uuid": "36e656a3-d405-4164-bb87-da2b5e901ab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52967", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:34.164676Z"}, {"uuid": "afb58b67-e896-4a9a-a873-ca6d2b9f04e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52967", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgxf5xlc2c", "content": "", "creation_timestamp": "2025-01-14T14:18:05.100231Z"}, {"uuid": "2b419898-e2cf-4069-9f65-470cca4ca0ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52966", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986285747112968", "content": "", "creation_timestamp": "2025-02-11T16:51:30.746613Z"}, {"uuid": "259a5078-a480-471f-be80-7c4f4d19a68a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52960", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0083", "content": "", "creation_timestamp": "2025-03-12T09:51:18.000000Z"}, {"uuid": "cd087c9a-ff1d-4393-adfd-72fcd9604641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://advisories.ncsc.nl/advisory?id=NCSC-2025-0083", "content": "", "creation_timestamp": "2025-03-12T09:51:18.000000Z"}, {"uuid": "d3e5011b-a560-4651-8da8-5bb779c12055", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52968", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986344744783139", "content": "", "creation_timestamp": "2025-02-11T17:06:30.892567Z"}, {"uuid": "701fc191-9086-4e89-b7de-bc3b438c34ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52966", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5ylhmdy2p", "content": "", "creation_timestamp": "2025-02-11T17:16:43.010986Z"}, {"uuid": "94ac067f-0e72-42e7-be6b-7965f2cc52fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52968", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5ynuuvt2x", "content": "", "creation_timestamp": "2025-02-11T17:16:45.621405Z"}, {"uuid": "8cec1fd5-8b21-4297-94da-5441c24779d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52966", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:28.715286Z"}, {"uuid": "d5363705-51a3-4dc2-8970-e980fe34c3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52968", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:28.831814Z"}, {"uuid": "d5e3efa2-3a17-482f-8ef1-bc5fe1fa8bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52968", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwbkaaeyu2t", "content": "", "creation_timestamp": "2025-02-11T18:20:16.358849Z"}, {"uuid": "1b78adac-27fb-418f-84b5-781b53b2400e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-8eaa21ec-de6847694340d6ba", "content": "", "creation_timestamp": "2025-03-14T07:37:35.997403Z"}, {"uuid": "70ede677-509f-4c02-9d04-b880118af5f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-06", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "c73a0075-79dd-4b4a-8782-bc347a9d384d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lk5rdo2xok2i", "content": "", "creation_timestamp": "2025-03-12T04:41:57.898116Z"}, {"uuid": "e6c44c5b-f561-4dd3-8fe8-aa2478bb1f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114144582151960068", "content": "", "creation_timestamp": "2025-03-11T15:48:25.830895Z"}, {"uuid": "c3e4b052-9ab5-4a94-a433-1940b3425473", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-135-01", "content": "", "creation_timestamp": "2025-05-15T10:00:00.000000Z"}, {"uuid": "65c54218-8b62-4a84-b00f-7a9e4dcd9c97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114144582323119479", "content": "", "creation_timestamp": "2025-03-11T15:48:26.118936Z"}, {"uuid": "995fbdab-bb66-4e8b-9efb-ceb3579cc0a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52962", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygeqlik2h", "content": "", "creation_timestamp": "2025-04-08T17:22:28.540012Z"}, {"uuid": "764bc81d-5509-4ad9-ab9a-70cbd3529497", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52960", "type": "seen", "source": "https://t.me/cvedetector/20096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52960 - Fortinet FortiSandbox Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52960 \nPublished : March 11, 2025, 3:15 p.m. | 1\u00a0hour ago \nDescription : A client-side enforcement of server-side security vulnerability [CWE-602]\u00a0in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.6 and before 4.2.7 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T17:37:44.000000Z"}, {"uuid": "179599bf-95aa-4b78-8ae7-4bbf7736d802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52960", "type": "seen", "source": "MISP/682bdba3-46b7-4a8f-b7be-c6bf4b4f9868", "content": "", "creation_timestamp": "2025-08-13T13:26:34.000000Z"}, {"uuid": "892cb1bb-192d-412a-90f6-12f93f7b1744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://t.me/cvedetector/20097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52961 - Fortinet FortiSandbox OS Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52961 \nPublished : March 11, 2025, 3:15 p.m. | 1\u00a0hour ago \nDescription : An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.7, 4.2.0 through 4.2.7 and before 4.0.5 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T17:37:45.000000Z"}, {"uuid": "6c86cbeb-294e-46b6-b233-c46236248b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52962", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10921", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52962\n\ud83d\udd25 CVSS Score: 5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:P/RL:X/RC:C)\n\ud83d\udd39 Description: An\u00a0Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.13 and below and FortiManager version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.12 and below may allow an unauthenticated remote attacker to pollute the logs via crafted login requests.\n\ud83d\udccf Published: 2025-04-08T14:03:34.946Z\n\ud83d\udccf Modified: 2025-04-08T14:27:48.420Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-453", "creation_timestamp": "2025-04-08T14:47:14.000000Z"}, {"uuid": "9648c378-2919-4f03-b6e5-60e1c89eb5ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52966", "type": "seen", "source": "https://t.me/cvedetector/17725", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52966 - Fortinet FortiAnalyzer Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52966 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : An exposure of sensitive information to an unauthorized actor in Fortinet FortiAnalyzer 6.4.0 through 7.6.0 allows attacker to cause information disclosure via filter manipulation. \nSeverity: 2.3 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:52:56.000000Z"}, {"uuid": "3da87cf0-afd7-4afe-a0fb-3561363b0e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52968", "type": "seen", "source": "https://t.me/cvedetector/17719", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52968 - Fortinet FortiClientMac Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-52968 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : An improper authentication in Fortinet FortiClientMac 7.0.11 through 7.2.4 allows attacker to gain improper access to MacOS via empty password. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:52:48.000000Z"}, {"uuid": "6518c265-7cbf-4876-b1f4-d0c464fee32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1615", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52969\n\ud83d\udd39 Description: An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below Update/Create Case feature may allow an authenticated attacker to extract database information via crafted requests.\n\ud83d\udccf Published: 2025-01-14T14:08:59.640Z\n\ud83d\udccf Modified: 2025-01-14T20:55:36.518Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-417", "creation_timestamp": "2025-01-14T21:11:30.000000Z"}, {"uuid": "7c4f2032-f16d-43ad-83d2-5dcd053e726b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1601", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52963\n\ud83d\udd39 Description: A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets.\n\ud83d\udccf Published: 2025-01-14T14:08:31.001Z\n\ud83d\udccf Modified: 2025-01-14T20:57:21.296Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-373", "creation_timestamp": "2025-01-14T21:10:05.000000Z"}, {"uuid": "97304dd8-f136-408f-9408-ad0a3ea9f9ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52967", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1626", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52967\n\ud83d\udd39 Description: An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection.\n\ud83d\udccf Published: 2025-01-14T14:09:44.113Z\n\ud83d\udccf Modified: 2025-01-14T20:54:08.452Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-211", "creation_timestamp": "2025-01-14T21:12:16.000000Z"}, {"uuid": "c0e6e21e-31be-4de6-a0be-3c8cd290d7bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7285", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52961\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:X/RC:C)\n\ud83d\udd39 Description: An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in Fortinet FortiSandbox version 5.0.0, 4.4.0 through 4.4.7, 4.2.0 through 4.2.7 and before 4.0.5 allows an authenticated attacker with at least read-only permission to execute unauthorized commands via crafted requests.\n\ud83d\udccf Published: 2025-03-11T14:54:30.498Z\n\ud83d\udccf Modified: 2025-03-12T04:00:57.521Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-306", "creation_timestamp": "2025-03-12T04:43:18.000000Z"}, {"uuid": "ad070199-ac79-49db-947f-442ddb9ec47f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "Telegram/UiigbtdQ2ZUDWLK2BsxbrK1mRCNJKx2jQKKzFsbq6FGfjML-", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "3b3a66ac-6cb3-4e82-8a0e-10ed4fb30250", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52962", "type": "seen", "source": "https://t.me/cvedetector/22462", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52962 - FortiAnalyzer FortiManager Improper Output Neutralization for Logs\", \n  \"Content\": \"CVE ID : CVE-2024-52962 \nPublished : April 8, 2025, 2:15 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : An\u00a0Improper Output Neutralization for Logs vulnerability [CWE-117] in FortiAnalyzer version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.13 and below and FortiManager version 7.6.1 and below, version 7.4.5 and below, version 7.2.8 and below, version 7.0.12 and below may allow an unauthenticated remote attacker to pollute the logs via crafted login requests. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T18:10:53.000000Z"}, {"uuid": "e99f53ea-9cbd-4746-ad10-f6c5e3bf25c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52969", "type": "seen", "source": "https://t.me/cvedetector/15249", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52969 - FortiSIEM SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52969 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : An Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiSIEM ersion 7.1.7 and below, version 7.1.0, version 7.0.3 and below, version 6.7.9 and below, 6.7.8, version 6.6.5 and below, version 6.5.3 and below, version 6.4.4 and below Update/Create Case feature may allow an authenticated attacker to extract database information via crafted requests. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:31.000000Z"}, {"uuid": "ac7dc046-8b27-4207-876d-b58b4afdb07a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52967", "type": "seen", "source": "https://t.me/cvedetector/15260", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52967 - Fortinet FortiPortal Basic Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-52967 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : An improper neutralization of script-related html tags in a web page (basic xss) in Fortinet FortiPortal 6.0.0 through 6.0.14 allows attacker to execute unauthorized code or commands via html injection. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:45.000000Z"}, {"uuid": "5ee21f7f-d09f-4c26-af0c-bf5162f8cc8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "seen", "source": "https://t.me/cvedetector/15259", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52963 - Fortinet FortiOS Out-of-Bounds Write Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52963 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : A out-of-bounds write in Fortinet FortiOS versions 7.6.0, 7.4.0 through 7.4.6, 7.2.0 through 7.2.10, 7.0.0 through 7.0.16, 6.4.0 through 6.4.15 allows attacker to trigger a denial of service via specially crafted packets. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:45.000000Z"}, {"uuid": "ac718c88-1847-4e38-be53-0dfe8c55eb19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52967", "type": "seen", "source": "Telegram/w0ePuWmQFnK-a10NNKq4-4_9IZ9AVIzZg1Ma08JAsALf7Gmh", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "de00ce26-1b7d-4fe4-af08-fb493840c853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52963", "type": "seen", "source": "Telegram/56_wac7Ymb09ZMd72JdYi4EVFp-7rEVQBHaDxDEw27BZABD8", "content": "", "creation_timestamp": "2025-02-06T02:40:20.000000Z"}, {"uuid": "afe3b0e7-f795-4fc6-92a0-aaea9fd3b323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52961", "type": "seen", "source": "https://t.me/true_secator/6837", "content": "Fortinet \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0438 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432\u043b\u0438\u044f\u044e\u0449\u0438\u0445 \u043d\u0430 FortiOS, FortiProxy, FortiPAM, FortiSRA, FortiAnalyzer, FortiManager, FortiAnalyzer-BigData, FortiSandbox, FortiNDR, FortiWeb, FortiSIEM \u0438 FortiADC.\n\n\u041a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0441\u044f CVE-2023-48790 - \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c XSS \u0432 FortiNDR, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434.\n\n\u0412 FortiOS, FortiProxy, FortiPAM, FortiSRA \u0438 FortiWeb \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 CVE-2024-45325, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434 \u0438\u043b\u0438 \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u0422\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0448\u0438\u0431\u043a\u0438, \u043f\u043e-\u0432\u0438\u0434\u0438\u043c\u043e\u043c\u0443, \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b.\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-40723 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432\u043b\u0438\u044f\u0435\u0442 \u043d\u0430 FortiSIEM \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e \u0441\u0447\u0438\u0442\u044b\u0432\u0430\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u0431\u0430\u0437\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 API-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\u00a0\n\n\u0412 FortiSandbox Fortinet\u00a0\u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2024-45328 (\u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439), CVE-2024-52961 (\u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u0435 \u043a\u043e\u043c\u0430\u043d\u0434) \u0438 CVE-2024-54027 (\u0447\u0442\u0435\u043d\u0438\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445), \u0432\u0441\u0435 \u043e\u043d\u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 \u043e\u0446\u0435\u043d\u043a\u0443 \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438.\n\n\u0412 FortiIsolator \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 CVE-2024-55590, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0441 \u043f\u0440\u0430\u0432\u0430\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u043d\u0430 \u0447\u0442\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u0434, \u0430 \u0432 FortiADC \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2023-37933, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 XSS-\u0430\u0442\u0430\u043a\u0438.\u00a0\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 Fortinet \u0432 \u0441\u0432\u043e\u0438\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445, \u043c\u043e\u0433\u0443\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434, \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u0444\u0430\u0439\u043b\u043e\u0432 \u0438 \u043e\u0431\u0445\u043e\u0434\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0432\u0435\u0431-\u0431\u0440\u0430\u043d\u0434\u043c\u0430\u0443\u044d\u0440\u043e\u0432.\n\n\u0422\u0430\u043a\u0436\u0435 \u0431\u044b\u043b\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0434\u043e\u043f\u0443\u0441\u043a\u0430\u044e\u0449\u0430\u044f \u043d\u0435\u0441\u0430\u043d\u043a\u0446\u0438\u043e\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438.\n\nFortinet \u0437\u0430\u044f\u0432\u0438\u043b\u0430, \u0447\u0442\u043e \u043c\u043d\u043e\u0433\u0438\u0435 \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0431\u044b\u043b\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0432\u043d\u0443\u0442\u0440\u0438 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438, \u043d\u0435 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u044f \u043f\u0440\u0438 \u044d\u0442\u043e\u043c \u043e \u0444\u0430\u043a\u0442\u0430\u0445 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u0430\u043a\u043e\u0439-\u043b\u0438\u0431\u043e \u0438\u0437 \u043d\u0438\u0445.\n\n\u041d\u043e, \u043a\u0430\u043a \u043f\u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430, \u044d\u0442\u043e \u0442\u043e\u043b\u044c\u043a\u043e \u043f\u043e\u043a\u0430.", "creation_timestamp": "2025-03-13T16:20:05.000000Z"}]}