SQL injection vulnerability in configuration backup feature

SQL injection vulnerability in configuration backup feature Fortinet PSIRT Advisories Fortinet PSIRT Contact: Website: https://fortiguard.fortinet.com/faq/psirt-contact FG-IR-22-252 Final 1 1 2022-12-06T00:00:00 Current version 2022-12-06T00:00:00 2022-12-06T00:00:00 An improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in FortiADC may allow an authenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests. None Execute unauthorized code or commands FortiADC version 7.1.0FortiADC version 7.0.0 through 7.0.2FortiADC version 6.2.0 through 6.2.4FortiADC version 6.1 all versionsFortiADC version 6.0 all versionsFortiADC version 5.4 all versionsFortiADC version 5.3 all versionsFortiADC version 5.2 all versions Please upgrade to FortiADC version 7.1.1 or above Please upgrade to FortiADC version 6.2.5 or above Internally discovered and reported by Théo Leleu of Fortinet Product Security team. FortiADC 7.1.0 FortiADC 7.0.2 FortiADC 7.0.1 FortiADC 7.0.0 FortiADC 6.2.4 FortiADC 6.2.3 FortiADC 6.2.2 FortiADC 6.2.1 FortiADC 6.2.0 FortiADC 6.1.6 FortiADC 6.1.5 FortiADC 6.1.4 FortiADC 6.1.3 FortiADC 6.1.2 FortiADC 6.1.1 FortiADC 6.1.0 FortiADC 6.0.4 FortiADC 6.0.3 FortiADC 6.0.2 FortiADC 6.0.1 FortiADC 6.0.0 FortiADC 5.4.5 FortiADC 5.4.4 FortiADC 5.4.3 FortiADC 5.4.2 FortiADC 5.4.1 FortiADC 5.4.0 FortiADC 5.3.7 FortiADC 5.3.6 FortiADC 5.3.5 FortiADC 5.3.4 FortiADC 5.3.3 FortiADC 5.3.2 FortiADC 5.3.1 FortiADC 5.3.0 FortiADC 5.2.8 FortiADC 5.2.7 FortiADC 5.2.6 FortiADC 5.2.5 FortiADC 5.2.4 FortiADC 5.2.3 FortiADC 5.2.2 FortiADC 5.2.1 FortiADC 5.2.0 SQL injection vulnerability in configuration backup feature CVE-2022-33875 FortiADC-7.1.0 FortiADC-7.0.2 FortiADC-7.0.1 FortiADC-7.0.0 FortiADC-6.2.4 FortiADC-6.2.3 FortiADC-6.2.2 FortiADC-6.2.1 FortiADC-6.2.0 FortiADC-6.1.6 FortiADC-6.1.5 FortiADC-6.1.4 FortiADC-6.1.3 FortiADC-6.1.2 FortiADC-6.1.1 FortiADC-6.1.0 FortiADC-6.0.4 FortiADC-6.0.3 FortiADC-6.0.2 FortiADC-6.0.1 FortiADC-6.0.0 FortiADC-5.4.5 FortiADC-5.4.4 FortiADC-5.4.3 FortiADC-5.4.2 FortiADC-5.4.1 FortiADC-5.4.0 FortiADC-5.3.7 FortiADC-5.3.6 FortiADC-5.3.5 FortiADC-5.3.4 FortiADC-5.3.3 FortiADC-5.3.2 FortiADC-5.3.1 FortiADC-5.3.0 FortiADC-5.2.8 FortiADC-5.2.7 FortiADC-5.2.6 FortiADC-5.2.5 FortiADC-5.2.4 FortiADC-5.2.3 FortiADC-5.2.2 FortiADC-5.2.1 FortiADC-5.2.0 5.1 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:X/RC:C https://fortiguard.fortinet.com/psirt/FG-IR-22-252 SQL injection vulnerability in configuration backup feature Reference>