A improper neutralization of special elements used in a command ('command injection') in Fortinet FortiExtender version 7.0.1 and below, 4.2.3 and below, 4.1.7 and below allows an authenticated attacker to execute privileged shell commands via CLI commands including special characters
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/advisory/FG-IR-21-148 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-02-02T10:58:37
Updated: 2024-08-04T02:59:31.059Z
Reserved: 2021-09-13T00:00:00
Link: CVE-2021-41016
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-02-02T11:15:07.777
Modified: 2022-07-12T17:42:04.277
Link: CVE-2021-41016
Redhat
No data.