Lucene search
PRIOn knowledge basePRION:CVE-2022-33870HistoryNov 02, 2022 - 12:15 p.m.
Command injection
2022-11-0212:15:00
PRIOn knowledge base
www.prio-n.com
1
command injection
cwe-78
fortitester 3.0.0
fortitester 3.9.1
fortitester 4.0.0
fortitester 4.2.0
fortitester 7.0.0
fortitester 7.1.0
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the command line interpreter of FortiTester 3.0.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortitester | eq | 3.8.0 | |
| fortitester | eq | 7.0.0 | |
| fortitester | eq | 7.1.0 | |
| fortitester | eq | 3.0.0 | |
| fortitester | eq | 3.1.0 | |
| fortitester | eq | 3.2.0 | |
| fortitester | eq | 3.3.1 | |
| fortitester | eq | 3.3.0 | |
| fortitester | eq | 3.4.0 | |
| fortitester | eq | 3.5.0 |
References
Related
cvelist
cvelist
CVE-2022-33870
2022-11-02 00:00:00
fortinet
fortinet
FortiTester - Command injection in CLI command
2022-11-01 00:00:00
cve
cve
CVE-2022-33870
2022-11-02 12:15:53
nvd
nvd
CVE-2022-33870
2022-11-02 12:15:53