An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged malicious user to execute arbitrary bash commands via crafted cli backup parameters.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
fortinet fortiweb 7.0.0 |
||
fortinet fortiweb 7.0.1 |
||
fortinet fortiweb |