Описание
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия от 6.1.0 (включая) до 7.0.3 (исключая)
cpe:2.3:a:fortinet:fortiddos-f:*:*:*:*:*:*:*:*
EPSS
Процентиль: 6%
0.00024
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-78
Связанные уязвимости
CVSS3: 6.7
github
5 месяцев назад
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests.
EPSS
Процентиль: 6%
0.00024
Низкий
6.7 Medium
CVSS3
Дефекты
CWE-78