An improper neutralization of special elements used in an OS command vulnerability [CWE-78]  in the command line interpreter of FortiTester 2.3.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments when running execute restore/backup .
References
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: fortinet

Published: 2023-12-13T06:44:03.852Z

Updated: 2024-08-02T18:38:51.171Z

Reserved: 2023-08-21T09:03:44.315Z

Link: CVE-2023-40716

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Analyzed

Published: 2023-12-13T07:15:14.223

Modified: 2023-12-15T19:06:24.823

Link: CVE-2023-40716

cve-icon Redhat

No data.