Multiple improper neutralization of special elements used in an os command ('OS Command Injection') vulnerabilties [CWE-78] in Fortinet FortiADCManager version 7.1.0 and before 7.0.0, FortiADC version 7.2.0 and before 7.1.2 allows a local authenticated attacker to execute arbitrary shell code as `root` user via crafted CLI requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-23-076 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2023-06-13T08:41:46.873Z
Updated: 2024-08-02T11:46:23.415Z
Reserved: 2023-02-20T15:09:20.637Z
Link: CVE-2023-26210
Vulnrichment
No data.
NVD
Status : Modified
Published: 2023-06-13T09:15:16.510
Modified: 2023-11-07T04:09:30.613
Link: CVE-2023-26210
Redhat
No data.