Lucene search
China National Vulnerability DatabaseCNVD-2023-18291HistoryMar 13, 2023 - 12:00 a.m.
Fortinet FortiWeb OS Command Injection Vulnerability (CNVD-2023-18291)
2023-03-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
12
fortinet fortiweb
web application firewall
threat blocking
operating system command injection
attacker exploitation
unauthorized code execution
http requests
EPSS
0.002
Percentile
56.6%
Fortinet FortiWeb is a web application layer firewall from Fortinet that blocks threats such as cross-site scripting, SQL injection, cookie poisoning, schema poisoning and other attacks, secures web applications and protects sensitive database content. An operating system command injection vulnerability exists that could be exploited by an attacker to execute unauthorized code or commands via specially designed HTTP requests.
Related
cve
cve
CVE-2022-39951
2023-03-07 17:15:11
fortinet
fortinet
FortiWeb - command injection in webserver
2023-03-07 00:00:00
nessus
nessus
Fortinet FortiWeb - command injection in webserver (FG-IR-22-254)
2024-05-22 00:00:00
nvd
nvd
CVE-2022-39951
2023-03-07 17:15:11
prion
prion
Command injection
2023-03-07 17:15:00
cvelist
cvelist
CVE-2022-39951
2023-03-07 16:04:38