A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
oryginał ENCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HFortinet Fortiextender
HWFortinetwszystkie wersjeFortinet Fortiextender Firmware
OSFortinet4.1.1 – 4.1.8 (bez)4.2.0 – 4.2.4 (bez)7.0.0 – 7.0.2 (bez)
Powiązane podatności
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...
An improper access control in Fortinet FortiExtender 4.1.1 - 4.1.9, 4.2.0 - 4.2.6, 5.3.2, 7.0.0 - 7.0.4, 7.2.0...
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability [CWE-22] in Fo...
A improper neutralization of special elements used in an os command ('os command injection') in Fortinet Forti...
A debug messages revealing unnecessary information vulnerability in Fortinet FortiExtender 7.6.0 through 7.6.1...