An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiWeb version 6.4.0 up to and including 6.4.1, FortiWeb version 6.3.0 up to and including 6.3.17, FortiWeb all versions 6.2, FortiWeb all versions 6.1, FortiWeb all versions 6.0, FortiRecorder version 6.4.0 up to and including 6.4.3, FortiRecorder all versions 6.0, FortiRecorder all versions 2.7 may allow an authenticated user to read arbitrary files via specially crafted command arguments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb |
||
fortinet fortirecorder firmware |