33 matches found
CVE-2026-39815
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...
CVE-2026-39815
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...
CVE-2026-39815
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...
CVE-2026-39815
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...
CVE-2026-39815
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...
PT-2026-32694
A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...
EUVD-2024-54976
Malicious code in bioql PyPI...
EUVD-2023-32778
Malicious code in bioql PyPI...
Fortinet FortiDDoS-F Operating System Command Injection Vulnerability
Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fiat Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...
CVE-2024-45325
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
CVE-2024-45325
Fortinet FortiDDoS-F VPN/OSS component is affected by an OS Command Injection (CWE-78) in FortiDDoS-F versions 7.0.0–7.02 and earlier than 6.6.3. The root cause is improper neutralization of special elements in CLI requests, enabling a privileged attacker to execute unauthorized commands via craf...
CVE-2024-45325
An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...
Fortinet FortiDDoS-F 操作系统命令注入漏洞
Fortinet FortiDDoS-F is a distributed denial-of-service protection system from the U.S. company Fiat Fortinet. Fortinet FortiDDoS-F suffers from an operating system command injection vulnerability that stems from improper neutralization of special elements, which can be exploited by an attacker t...
PT-2025-11187
Name of the Vulnerable Software and Affected Versions: Fortinet FortiDDoS-F versions 7.0.0 through 7.02 Fortinet FortiDDoS-F versions prior to 6.6.3 Description: The software contains an improper neutralization of special elements used in an OS command, which may allow a privileged attacker to...
CVE-2022-27486
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...
CVE-2022-27486
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...
CVE-2022-27486
The issue CVE-2022-27486 affects Fortinet FortiDDoS and FortiDDoS-F CLI, where an improper neutralization of elements in an OS command enables an authenticated attacker to execute shell code as root via the execute command. Affected: FortiDDoS versions 4.5.0–5.5.1; FortiDDoS-F versions 6.1.0–6.3....
CVE-2022-27486
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...
CVE-2023-29177
Multiple buffer copy without checking size of input 'classic buffer overflow' vulnerabilities CWE-120 in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests...
CVE-2023-29177
Multiple buffer copy without checking size of input 'classic buffer overflow' vulnerabilities CWE-120 in FortiADC version 7.2.0 and before 7.1.2 & FortiDDoS-F version 6.5.0 and before 6.4.1 allows a privileged attacker to execute arbitrary code or commands via specifically crafted CLI requests...