FortiDDoS Multiple OS command injection Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-16-037 Final 1 1 2016-09-28T00:00:00 Current version 2016-09-28T00:00:00 2016-09-28T00:00:00 A vulnerability in FortiDDoS allows escalation of privilege via remote OS injection through crafted URLs sent to the GUI. The user is required to be logged in for an exploit to work. None Execute unauthorized code or commands FortiDDoS (Series B models only) versions below and including 4.2.2 Upgrade to versions 4.2.3 https://fortiguard.fortinet.com/psirt/FG-IR-16-037 FortiDDoS Multiple OS command injection - - Fortinet is pleased to thank Juan Pablo Lopez Yacubian for reporting this vulnerability under responsible disclosure 0 https://fortiguard.fortinet.com/psirt/FG-IR-16-037 FortiDDoS Multiple OS command injection Reference> - -