Описание
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 7.1.0 (включая) до 7.1.2 (исключая)
Одно из
cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiadc:7.2.0:*:*:*:*:*:*:*
EPSS
Процентиль: 41%
0.00189
Низкий
7.8 High
CVSS3
Дефекты
CWE-78
CWE-78
Связанные уязвимости
CVSS3: 7.8
github
больше 2 лет назад
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 7.2.0, 7.1.0 through 7.1.1 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
EPSS
Процентиль: 41%
0.00189
Низкий
7.8 High
CVSS3
Дефекты
CWE-78
CWE-78