Описание
An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:fortinet:fortideceptor:3.0.0:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:3.0.1:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortideceptor:3.1.0:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05549
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78
Связанные уязвимости
github
больше 3 лет назад
An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote authenticated attacker to execute arbitrary commands on the system by exploiting a command injection vulnerability on the Customization page.
EPSS
Процентиль: 90%
0.05549
Низкий
8.8 High
CVSS3
9 Critical
CVSS2
Дефекты
CWE-78