An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HFortinet Fortiwan
APPFortinet< 4.5.8
Powiązane podatności
Path traversal umożliwiający usunięcie plików i reset hasła admina w FortiWAN
Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiWAN before...
** UNSUPPORTED WHEN ASSIGNED **A improper limitation of a pathname to a restricted directory ('path traversal'...
** UNSUPPORTED WHEN ASSIGNED **An improper authentication vulnerability [CWE-287] in Fortinet FortiWAN version...
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management ...