FortiExtender - Arbitrary command execution because of missing CLI input sanitization
Fortinet PSIRT Advisories
Fortinet PSIRT Contact:
Website: https://fortiguard.fortinet.com/faq/psirt-contact
FG-IR-21-148
Final
1
1
2022-02-01T00:00:00
Current version
2022-02-01T00:00:00
2022-02-01T00:00:00
Summary: An improper neutralization of special elements used in a command vulnerability ('Command Injection') [CWE-77] in FortiExtender may allow an authenticated user to escalate their privileges to those of the admin user via crafted arguments of the `execute` CLI command.
None
Impact: Escalation of privilege
Affected Products: FortiExtender version 7.0.1 and below. FortiExtender version 4.2.3 and below. FortiExtender version 4.1.7 and below.
Solutions: Upgrade to FortiExtender version 7.0.2 or above. Upgrade to FortiExtender version 4.2.4 or above. Upgrade to FortiExtender version 4.1.8 or above.
Acknowledgement: Internally discovered and reported by Mattia Fecit of Fortinet PSIRT team.
FortiExtender 7.0.1
FortiExtender 7.0.0
FortiExtender 4.2.3
FortiExtender 4.2.2
FortiExtender 4.2.1
FortiExtender 4.2.0
FortiExtender 4.1.7
FortiExtender 4.1.6
FortiExtender 4.1.5
FortiExtender 4.1.4
FortiExtender 4.1.3
FortiExtender 4.1.2
FortiExtender 4.1.1
CVE ID: CVE-2021-41016
CVSSv3 score: 7.4
CVSSv3 vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:C
Reference: https://fortiguard.fortinet.com/psirt/FG-IR-21-148