PSIRT Advisories
FortiDeceptor - OS command injection vulnerabilities
Summary
Multiple OS command injection vulnerabilities in FortiDeceptor management interface may allow an authenticated user to execute arbitrary commands on the system via specifically crafted web requests.
Affected Products
FortiDeceptor version 4.0.0.
FortiDeceptor versions 3.3.1 and below.
FortiDeceptor versions 3.2.1 and below.
FortiDeceptor versions 3.1.x.
FortiDeceptor versions 3.0.x
FortiDeceptor versions 1.x.
Solutions
Please upgrade to FortiDeceptor versions 4.1.0 or above.
Please upgrade to FortiDeceptor versions 3.3.2 or above.
Please upgrade to FortiDeceptor versions 3.2.2 or above.