North Korea-Linked Konni APT Group – Active IOCs
April 30, 2024Multiple WordPress Plugins Vulnerabilities
April 30, 2024North Korea-Linked Konni APT Group – Active IOCs
April 30, 2024Multiple WordPress Plugins Vulnerabilities
April 30, 2024Severity
High
Analysis Summary
CVE-2024-23662 CVSS:5.3
Fortient FortiOS could allow a remote attacker to obtain sensitive information. By sending a specially crafted HTTP request, an attacker could exploit this vulnerability to fingerprint the device version.
CVE-2024-23671 CVSS:8.1
Fortinet FortiSandbox could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by a path traversal vulnerability. By sending a specially crafted HTTP requet, an attacker could exploit this vulnerability to delete arbitrary files and execute unauthorized code or commands on the system.
CVE-2024-21756 CVSS:8.8
Fortinet FortiSandbox could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-47541 CVSS:6.7
Fortinet FortiSandbox could allow a local authenticated attacker to traverse directories on the system. An attacker could send a specially crafted request to execute arbitrary code.
CVE-2024-21755 CVSS:8.8
Fortinet FortiSandbox could allow a remote authenticated attacker to execute arbitrary commands on the system. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2023-47540 CVSS:6.7
Fortinet FortiSandbox could allow a local authenticated attacker to execute arbitrary commands on the system, caused by An improper neutralization of special elements. By sending a specially crafted request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
CVE-2024-31487 CVSS:5.9
Fortinet FortiSandbox could allow a remote attacker to traverse directories on the system. An attacker could send a specially-crafted HTTP request to read arbitrary files.
Impact
- Gain Access
- Information Obtained
- Information Disclosure
Indicators of Compromise
CVE
- CVE-2024-23662
- CVE-2024-23671
- CVE-2024-21756
- CVE-2023-47541
- CVE-2024-21755
- CVE-2023-47540
- CVE-2024-31487
Affected Vendors
Affected Products
- Fortinet FortiSandbox 2.4.1
- Fortinet FortiSandbox 2.5.0
- Fortinet FortiOS 7.2.0
- Fortinet FortiOS 7.0.0
- Fortinet FortiOS 6.4.0
- Fortinet FortiSandbox 3.2.0
- Fortinet FortiSandbox 4.0.0
- Fortinet FortiSandbox 2.4.0
- Fortinet FortiSandbox 3.1.0
- Fortinet FortiSandbox 4.2.0
- Fortinet FortiSandbox 4.4.0
- Fortinet FortiSandbox 4.2.4
- Fortinet FortiOS 7.4.0
- Fortinet FortiSandbox 4.2.6
- Fortinet FortiSandbox 4.4.3
- Fortinet FortiSandbox 4.0.4
- Fortinet FortiSandbox 2.5.2
- Fortinet FortiSandbox 3.2.2
- Fortinet FortiSandbox 3.1.5
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.