An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR prior to 7.2.1 allows an authenticated malicious user to execute unauthorized code or commands via crafted HTTP GET requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortisoar 7.2.0 |
||
fortinet fortisoar |