CVE-2026-39815
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow an attacker to execute unauthorized code or commands by sending crafted HTTP requests...
PT-2026-32694
An improper neutralization of special elements used in an SQL command ('SQL Injection') vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow an attacker to execute unauthorized code or commands by sending crafted HTTP requests...
EUVD-2023-32778
Malicious code in bioql PyPI...
EUVD-2024-54976
Malicious code in bioql PyPI...
Fortinet FortiDDoS-F Operating System Command Injection Vulnerability
Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...
CVE-2024-45325
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability (CWE-78) in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
CVE-2024-45325
Fortinet FortiDDoS-F VPN/OSS component is affected by an OS Command Injection (CWE-78) in FortiDDoS-F versions 7.0.0–7.02 and earlier than 6.6.3. The root cause is improper neutralization of special elements in CLI requests, enabling a privileged attacker to execute unauthorized commands via craf...
Fortinet FortiDDoS-F Operating System Command Injection Vulnerability
Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...
PT-2025-11187
Name of the Vulnerable Software and Affected Versions: Fortinet FortiDDoS-F versions 7.0.0 through 7.02 Fortinet FortiDDoS-F versions prior to 6.6.3 Description: The software contains an improper neutralization of special elements used in an OS command, which may allow a privileged attacker to...
The vulnerability of the command-line interface (CLI) of the software-defined security solutions FortiDDoS and FortiDDoS-F allows an attacker to execute arbitrary commands.
The vulnerability of the command-line interface (CLI) of software-defined security solutions like FortiDDoS and FortiDDoS-F lies in the lack of measures taken to neutralize special elements used in the operating system’s command line. Exploiting this vulnerability allows an attacker to execute...
CVE-2022-27486
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...
CVE-2022-27486
The issue CVE-2022-27486 affects Fortinet FortiDDoS and FortiDDoS-F CLI, where an improper neutralization of elements in an OS command enables an authenticated attacker to execute shell code as root via the execute command. Affected: FortiDDoS versions 4.5.0–5.5.1; FortiDDoS-F versions 6.1.0–6.3....
The vulnerability of the FortiDDoS-F software and the FortiADC web management tool lies in the use of an unauthorized intermediate policy file, allowing attackers to access confidential information.
The vulnerability of the FortiDDoS-F software and the FortiADC web management tool lies in the use of an unauthorized intermediate policy file. Exploiting this vulnerability can allow attackers to access confidential information...