CVE-2026-39815

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

CVE-2026-39815

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

CVE-2026-39815

Fortinet FortiDDoS-F versions 7.2.1–7.2.2 are described as vulnerable to an improper neutralization of special elements used in an SQL command (SQL injection). The issue could allow an attacker to execute unauthorized code or commands via an attack vector. The connected documents do not provide e...

CVE-2026-39815

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

Fortinet FortiDDoS-F 安全漏洞

Fortinet FortiDDoS-F is a distributed denial-of-service protection system developed by the American company Fortinet. Versions 7.2.1 to 7.2.2 of Fortinet FortiDDoS-F contain security vulnerabilities. These vulnerabilities stem from improper handling of special elements within SQL commands, which...

PT-2026-32694

A improper neutralization of special elements used in an sql command 'sql injection' vulnerability in Fortinet FortiDDoS-F 7.2.1 through 7.2.2 may allow attacker to execute unauthorized code or commands via sending crafted HTTP requests...

CVE-2022-27486

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...

EUVD-2022-31987

Malicious code in bioql PyPI...

CVE-2024-45325

An improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerabilities CWE-78 in Fortinet FortiDDoS-F version 7.0.0 through 7.02 and before 6.6.3 may allow a privileged attacker to execute unauthorized code or commands via crafted CLI requests...

CVE-2022-27486

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...

CVE-2022-27486

The issue CVE-2022-27486 affects Fortinet FortiDDoS and FortiDDoS-F CLI, where an improper neutralization of elements in an OS command enables an authenticated attacker to execute shell code as root via the execute command. Affected: FortiDDoS versions 4.5.0–5.5.1; FortiDDoS-F versions 6.1.0–6.3....

CVE-2022-27486

A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiDDoS version 5.5.0 through 5.5.1, 5.4.2 through 5.4.0, 5.3.0 through 5.3.1, 5.2.0, 5.1.0, 5.0.0, 4.7.0, 4.6.0 and 4.5.0 and FortiDDoS-F version 6.3.0 through 6.3.1, 6.2.0 through 6.2.2, 6.1...

Fortinet FortiDDoS 信任管理问题漏洞

Fortinet FortiDDoS is the only checkable DDoS mitigation platform from Fortinet USA. Fortinet FortiDDoS has a security vulnerability that stems from the use of hard-coded encryption keys. A remote attacker exploits the vulnerability to sign JWT tokens for other devices...