A format string vulnerability [CWE-134] in the command line interpreter of FortiADC version 6.0.0 up to and including 6.0.4, FortiADC version 6.1.0 up to and including 6.1.5, FortiADC version 6.2.0 up to and including 6.2.1, FortiProxy version 1.0.0 up to and including 1.0.7, FortiProxy version 1.1.0 up to and including 1.1.6, FortiProxy version 1.2.0 up to and including 1.2.13, FortiProxy version 2.0.0 up to and including 2.0.7, FortiProxy version 7.0.0 up to and including 7.0.1, FortiOS version 6.0.0 up to and including 6.0.14, FortiOS version 6.2.0 up to and including 6.2.10, FortiOS version 6.4.0 up to and including 6.4.8, FortiOS version 7.0.0 up to and including 7.0.2, FortiMail version 6.4.0 up to and including 6.4.5, FortiMail version 7.0.0 up to and including 7.0.2 may allow an authenticated user to execute unauthorized code or commands via specially crafted command arguments.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiproxy |
||
fortinet fortios |
||
fortinet fortiadc 6.2.0 |
||
fortinet fortiadc 6.2.1 |
||
fortinet fortimail |
||
fortinet fortiproxy 7.0.0 |
||
fortinet fortiproxy 7.0.1 |
||
fortinet fortiadc |