2 matches found
CVE-2023-25607
An improper neutralization of special elements used in an OS Command 'OS Command Injection' vulnerability CWE-78 in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions, FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 throug...
CVE-2023-25607
CVE-2023-25607 describes an OS Command Injection in Fortinet management interfaces due to unsafe usage of wordexp. Affected products include FortiManager (versions 6.0–7.2.2), FortiAnalyzer (6.0–7.2.2), and FortiADC (6.0–7.1.0). The vulnerability can allow an authenticated attacker with at least ...