A improper neutralization of argument delimiters in a command ('argument injection') in Fortinet FortiNAC versions 9.4.0, 9.2.0 up to and including 9.2.5, 9.1.0 up to and including 9.1.7, 8.8.0 up to and including 8.8.11, 8.7.0 up to and including 8.7.6, 8.6.0 up to and including 8.6.5, 8.5.0 up to and including 8.5.4, 8.3.7 allows malicious user to execute unauthorized code or commands via specially crafted input parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortinac |
||
fortinet fortinac 8.3.7 |
||
fortinet fortinac 9.4.0 |