OS command injection leads to privilege escalation
Summary
An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.
Affected Products
FortiWAN versions 4.5.7 and below.
Solutions
Please upgrade to FortiWAN version 4.5.8 or above.