3 matches found
CVE-2021-22123
CVE-2021-22123 is an authenticated OS command injection vulnerability in FortiWeb’s management interface. It affects FortiWeb versions including 6.3.7 and below, 6.2.3 and below, 6.1.x, 6.0.x, and 5.9.x, enabling a remote authenticated attacker to run arbitrary commands on the device via the SAML...
Fortinet FortiWeb 操作系统命令注入漏洞
FortiWeb is a Web Application Firewall WAF that protects hosted web applications from attacks targeting known and unknown vulnerabilities. An OS command injection vulnerability exists in the management interface of FortiWeb. A remote authenticated attacker could exploit this vulnerability to...
Design/Logic Flaw
In Octopus Deploy 2019.4.0 through 2019.6.x before 2019.6.6, and 2019.7.x before 2019.7.6, an authenticated system administrator is able to view sensitive values by visiting a server configuration page or making an API call...