exploitDog

GHSA-83pc-v7mg-rhvg

Опубликовано: 03 янв. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 8.8

Описание

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4.5 may allow an attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4.5 may allow an attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

Ссылки

EPSS

Процентиль: 82%

0.01711

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78

Связанные уязвимости

CVE-2022-39947

CVSS3: 8.8

nvd

около 3 лет назад

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.2, FortiADC version 6.2.0 through 6.2.3, FortiADC version version 6.1.0 through 6.1.6, FortiADC version 6.0.0 through 6.0.4, FortiADC version 5.4.0 through 5.4.5 may allow an attacker to execute unauthorized code or commands via specifically crafted HTTP requests.

BDU:2023-00040

CVSS3: 8.8

fstec

около 3 лет назад

Уязвимость веб-интерфейса контроллера доставки приложений FortiADC, позволяющая нарушителю выполнять произвольные команды

EPSS

Процентиль: 82%

0.01711

Низкий

8.8 High

CVSS3

CVE ID

Дефекты

CWE-78