Описание
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiIsolator version 2.4.0 through 2.4.5 allows an authenticated attacker with at least read-only admin permission and CLI access to execute unauthorized code via specifically crafted CLI commands.
Ссылки
- Vendor Advisory
Уязвимые конфигурации
EPSS
8.8 High
CVSS3
Дефекты
Связанные уязвимости
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerabilities [CWE-78] in Fortinet FortiIsolator version 2.4.0 through 2.4.5 allows an authenticated attacker with at least read-only admin permission and CLI access to execute unauthorized code via specifically crafted CLI commands.
Уязвимость графического пользовательского интерфейса платформы изоляции браузеров FortiIsolator, позволяющая нарушителю выполнить произвольный код
EPSS
8.8 High
CVSS3