A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiOS version 6.0.0 through 6.0.14, FortiOS version 6.2.0 through 6.2.10, FortiOS version 6.4.0 through 6.4.8, FortiOS version 7.0.0 through 7.0.3 allows attacker to execute privileged commands on a linked FortiSwitch via diagnostic CLI commands.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-242 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-10-10T00:00:00
Updated: 2024-08-04T04:17:24.555Z
Reserved: 2021-11-23T00:00:00
Link: CVE-2021-44171
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2022-10-10T14:15:09.650
Modified: 2022-10-12T18:45:20.117
Link: CVE-2021-44171
Redhat
No data.