3 matches found
Fortinet FortiWeb OS command injection due to direct input interpolation in API controllers (FG-IR-21-180)
The version of FortiWeb installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the FG-IR-21-180 advisory. - A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 6.4....
CVE-2021-43073
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests...
CVE-2021-43073
CVE-2021-43073 affects Fortinet FortiWeb (APIs: ApplicationDelivery, JsonProtection, WebProtection) with an OS command injection via improper neutralization of special elements in HTTP requests. Affected releases include FortiWeb 6.4.1/6.4.0, 6.3.15 and below, and 6.2.6 and below. Impact: authent...