Security Advisory

CVE-2022-39951

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2023-03-07 16:04:38
Last updated 2024-10-23 14:31:46
Assigner fortinet
State PUBLISHED

Description

A improper neutralization of special elements used in an os command (os command injection) in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, FortiWeb 6.4 all versions allows attacker to execute unauthorized code or commands via specifically crafted HTTP requests.