An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in SSH login components of FortiTester 2.3.0 up to and including 3.9.1, 4.0.0 up to and including 4.2.0, 7.0.0 up to and including 7.1.0 may allow an unauthenticated remote malicious user to execute arbitrary command in the underlying shell.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortitester |