{"vulnerability": "CVE-2024-55594", "sightings": [{"uuid": "18110e7a-d87a-483d-9f8c-fa695affd68f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55594", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114162103566286961", "content": "", "creation_timestamp": "2025-03-14T18:04:18.289578Z"}, {"uuid": "3c9563bb-3bbf-4da1-99c3-c569a5ddae06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55594", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7591", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55594\n\ud83d\udd25 CVSS Score: 5.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L/E:F/RL:X/RC:X)\n\ud83d\udd39 Description: An improper handling of syntactically invalid structure in Fortinet FortiWeb at least vesrions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests.\n\ud83d\udccf Published: 2025-03-14T16:25:33.078Z\n\ud83d\udccf Modified: 2025-03-14T16:25:33.078Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-23-115", "creation_timestamp": "2025-03-14T16:44:08.000000Z"}, {"uuid": "3257f099-613f-43c5-a291-fcb17f9fc534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55594", "type": "seen", "source": "https://t.me/cvedetector/20318", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55594 - Fortinet FortiWeb HTTP/S Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-55594 \nPublished : March 14, 2025, 5:15 p.m. | 19\u00a0minutes ago \nDescription : An improper handling of syntactically invalid structure in Fortinet FortiWeb at least vesrions 7.4.0 through 7.4.6 and 7.2.0 through 7.2.10 and 7.0.0 through 7.0.10 allows attacker to execute unauthorized code or commands via HTTP/S crafted requests. \nSeverity: 5.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:13.000000Z"}]}