FortiADC - Command injection in external resource module
Summary
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
Version | Affected | Solution |
---|---|---|
FortiADC 7.2 | 7.2.0 | Upgrade to 7.2.1 or above |
FortiADC 7.1 | 7.1.0 through 7.1.1 | Upgrade to 7.1.2 or above |