A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 7.0.0 up to and including 7.0.2, FortiWeb version 6.3.6 up to and including 6.3.20, FortiWeb 6.4 all versions allows malicious user to execute unauthorized code or commands via specifically crafted HTTP requests.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb |