A external control of file name or path in Fortinet FortiNAC versions 9.4.0, 9.2.0 through 9.2.5, 9.1.0 through 9.1.7, 8.8.0 through 8.8.11, 8.7.0 through 8.7.6, 8.6.0 through 8.6.5, 8.5.0 through 8.5.4, 8.3.7 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP request.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-22-300 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-02-16T18:06:55.108Z
Updated: 2024-08-03T12:07:42.912Z
Reserved: 2022-09-05T13:11:35.553Z
Link: CVE-2022-39952
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-02-16T19:15:13.060
Modified: 2023-11-07T03:50:41.250
Link: CVE-2022-39952
Redhat
No data.