CVE-2024-47575 - Fortinet FortiManager Missing Authentication Vulnerability
CVE-2024-47575
Fortinet | FortiManager
- Date Added:
- 2024-10-23
- Due Date:
- 2024-11-13
- Vulnerability Name
Fortinet FortiManager Missing Authentication Vulnerability
- Description
Fortinet FortiManager contains a missing authentication vulnerability in the fgfmd daemon that allows a remote, unauthenticated attacker to execute arbitrary code or commands via specially crafted requests.
- Known To Be Used in Ransomware Campaigns?
Unknown
- Action
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
- Additional Notes
- https://fortiguard.fortinet.com/psirt/FG-IR-24-423 ; https://nvd.nist.gov/vuln/detail/CVE-2024-47575
- Related News Articles
Free security scan for your website