Skip to content

Commit

Permalink
Merge pull request #885 from kscdivd/main
Browse files Browse the repository at this point in the history 
Update DIVD-2024-00044.md
  • Loading branch information
@MrSeccubus
MrSeccubus authored Dec 6, 2024
2 parents 51aac22 + c43d923 commit 262cc47
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions _cases/2024/DIVD-2024-00044.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,7 @@ researchers:
- Alwin Warringa
- Max van der Horst
- Oscar Vlugt
- Koen Schagen
cves:
- CVE-2024-47575
product:
Expand All @@ -34,6 +35,12 @@ timeline:
- start: 2024-10-24
end:
event: "DIVD starts researching the vulnerability to determine a fingerprint"
- start: 2024-11-28
end:
event: "DIVD finds fingerprint, preparing to scan."
- start: 2024-11-28
end:
event: "DIVD starts scanning the internet for vulnerable instances."
---
## Summary
A missing authentication for critical function vulnerability [CWE-306] in FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Reports have shown this vulnerability is exploited in the wild.
Expand Down

0 comments on commit 262cc47

Please sign in to comment.