OS Command Injection Vulnerability in FortiManager by Fortinet
CVE-2024-48889

7.2HIGH

Key Information:

Vendor: Fortinet
Status: Fortimanager
Vendor: CVE Published:; 18 December 2024

Badges

📰 News Worthy

What is CVE-2024-48889?

The vulnerability presents an OS Command Injection risk, where improper neutralization of special elements allows an authenticated remote attacker to execute unauthorized commands. This affects multiple versions of FortiManager and FortiManager Cloud, posing significant security risks if exploited. Crafting specific FGFM requests could enable attackers to run arbitrary code, potentially compromising the integrity and availability of the affected systems.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

FortiManager 7.6.0

FortiManager 7.4.0 <= 7.4.4

FortiManager 7.2.3 <= 7.2.7

News Articles

Cyber Security News

CVE-2023-34990 CVE-2024-48889

Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code Remotely

Fortinet, a leading cybersecurity solutions provider, has issued urgent advisories regarding two critical vulnerabilities affecting its FortiWLM and FortiManager products.

References

https://fortiguard.fortinet.com/psirt/FG-IR-24-425

CVSS V3.1

Score:

7.2

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Timeline

📰
First article discovered by Cyber Security News
Dec 19, 2024
Vulnerability published
Dec 18, 2024

JSON

Fortinet

Badges

What is CVE-2024-48889?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

News Articles

Fortinet Vulnerabilities Let Attackers Execute Arbitrary Code Remotely

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.