15 matches found
EUVD-2022-27447
Malicious code in bioql PyPI...
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...
CVE-2023-25608
An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...
Design/Logic Flaw
An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...
CVE-2023-25608
An incomplete filtering of one or more instances of special elements vulnerability CWE-792 in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all...
PT-2023-20192 · Fortinet · Fortiap-W2 +3
Name of the Vulnerable Software and Affected Versions: FortiAP-W2 versions 6.0 through 7.2.1 FortiAP-C versions 5.2 through 5.4.4 FortiAP versions 6.0 through 7.2.1 FortiAP-U versions 5.4 through 7.0.0 Description: An incomplete filtering of one or more instances of special elements in the comman...
The vulnerability of the Fortinet FortiAP-C console’s microprogramming software allows a hacker to execute arbitrary commands.
The vulnerability of the Fortinet FortiAP-C console software involves the lack of measures taken to neutralize special elements used in the operating system’s command line interface. Exploiting this vulnerability allows an attacker to execute arbitrary commands through the CLI command line...
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...
Command injection
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...
CVE-2022-22301
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console 5.4.0 through 5.4.3, 5.2.0 through 5.2.1 may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...
CVE-2022-22301
Summary (CVE-2022-22301) : FortiAP-C consoles suffer from an OS command injection due to improper neutralization of special elements in CLI arguments. Affected versions range from 5.4.0 to 5.4.3 and 5.2.0 to 5.2.1. The issue can allow an authenticated attacker to execute arbitrary commands with C...
Fortinet FortiAP 操作系统命令注入漏洞
Fortinet FortiAP, a Fortinet controller for managing wireless access point devices, is vulnerable to an operating system command injection vulnerability that stems from the lack of valid escaping and filtering of special elements used in the FortiAP-C console, which could be exploited by an...
FortiAP-C - Command injection in CLI
An improper neutralization of special elements used in an OS Command vulnerability CWE-78 in FortiAP-C console may allow an authenticated attacker to execute unauthorized commands by running CLI commands with specifically crafted arguments...