2023-02-16 18:06:16
fortinet
PUBLISHED
Multiple improper neutralization of special elements used in an OS Command (OS Command Injection) vulnerabilities [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.19 and below may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.