CVE-2024-21760

An improper control of generation of code ('Code Injection') vulnerability [CWE-94] in FortiSOAR Connector FortiSOAR 7.4 all versions, 7.3 all versions, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an authenticated attacker to execute arbitrary code on the host via a playbook code snippet.

Published: Mar 18, 2025
Updated: May 4, 2025
CVE: CVE-2024-21760
Exploit:

No technical information available.

CWEs:

CWE-94

Affected Software
References

Software	From	Fixed in
fortinet / fortisoar	6.4.0	7.4.5.x

https://fortiguard.fortinet.com/psirt/FG-IR-23-420

Vulnerability Database

CVE-2024-21760