A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiExtender 7.0.0 up to and including 7.0.3, 5.3.2, 4.2.4 and below allows malicious user to execute unauthorized code or commands via crafted HTTP requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiextender_firmware |
||
fortinet fortiextender_firmware 3.0.0 |
||
fortinet fortiextender_firmware 3.0.1 |
||
fortinet fortiextender_firmware 3.0.2 |
||
fortinet fortiextender_firmware 3.1.0 |
||
fortinet fortiextender_firmware 3.1.1 |
||
fortinet fortiextender_firmware 5.3.2 |