PSIRTMultiple OS command injection in Web Vulnerability Scanner
Summary
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78] in FortiADC may allow an authenticated attacker to execute unauthorized code via crafted HTTP requests.
| Version | Affected | Solution |
|---|---|---|
| FortiADC 8.0 | 8.0 all versions | Migrate to a fixed release |
| FortiADC 7.6 | 7.6 all versions | Migrate to a fixed release |
| FortiADC 7.4 | 7.4 all versions | Migrate to a fixed release |
| FortiADC 7.2 | 7.2 all versions | Migrate to a fixed release |
| FortiADC 7.1 | 7.1 all versions | Migrate to a fixed release |
| FortiADC 7.0 | 7.0 all versions | Migrate to a fixed release |
| FortiADC 6.2 | 6.2 all versions | Migrate to a fixed release |
| FortiADC 6.1 | 6.1 all versions | Migrate to a fixed release |
| FortiADC 6.0 | 6.0 all versions | Migrate to a fixed release |
| FortiADC 5.4 | 5.4 all versions | Migrate to a fixed release |
| FortiADC 5.3 | 5.3 all versions | Migrate to a fixed release |
| FortiADC 5.2 | 5.2 all versions | Migrate to a fixed release |
| FortiADC 5.1 | 5.1 all versions | Migrate to a fixed release |
| FortiADC 5.0 | 5.0 all versions | Migrate to a fixed release |
| FortiADC 4.8 | 4.8 all versions | Migrate to a fixed release |
| FortiADC 4.7 | 4.7 all versions | Migrate to a fixed release |
| FortiADC 4.6 | 4.6 all versions | Migrate to a fixed release |
| FortiADC 4.5 | 4.5 all versions | Migrate to a fixed release |
| FortiADC 4.4 | 4.4 all versions | Migrate to a fixed release |
| FortiADC 4.3 | 4.3 all versions | Migrate to a fixed release |
| FortiADC 4.2 | 4.2 all versions | Migrate to a fixed release |
| FortiADC 4.1 | 4.1 all versions | Migrate to a fixed release |
| FortiADC 4.0 | 4.0 all versions | Migrate to a fixed release |
| FortiADC 3.2 | 3.2 all versions | Migrate to a fixed release |
| FortiADC 3.1 | 3.1 all versions | Migrate to a fixed release |
| FortiADC 3.0 | 3.0 all versions | Migrate to a fixed release |