← back
CVE-2021-26096

CVE-2021-26096

CVSS 6.4 MEDIUMEPSS 0.8%
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.4EPSS 0.8%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
04 Aug 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:H/A:L/E:X/RL:X/RC:X
Affected products
Fortinet · Fortinet FortiSandbox

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://fortiguard.com/advisory/FG-IR-20-188