Endpoint Vulnerability

OpenSSL CVE-2022-1292 OS Command Injection Vulnerability

Description

OpenSSL c_rehash script fails to sanitize shell metacharacters, enabling arbitrary command execution on systems where it runs automatically, including Debian Linux 9-11; fixed in OpenSSL 1.0.2ze, 1.1.1o, 3.0.3.

Affected Applications

OpenSSL

Version Updates

Date	Version	Status	Detail
2024-12-17	1.00791	Modified	OpenSSL
2024-06-20	1.00695	New	OpenSSL

References

https://openssl-library.org/news/vulnerabilities/index.html

ID	5704
Created	Jun 20, 2024
Description Updated	Jan 16, 2026
CVE ID
Risk
Coverage	FortiClient
OS	Windows
Vendor	OpenSSL
Patch	manual
Application	OpenSSL

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Endpoint Vulnerability

OpenSSL CVE-2022-1292 OS Command Injection Vulnerability

Description

Affected Applications

Version Updates

References

Research Center

Services

Protect

Detect

Respond

Recover

Identify

Network Security

Cloud & Application Security

Endpoint Security

Security Operations

Threat Intelligence Center

Support Center

Resource Center

About

Endpoint Vulnerability

OpenSSL CVE-2022-1292 OS Command Injection Vulnerability

Description

Affected Applications

Version Updates

References

Threat Intelligence
Center