A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, 5.x.x allows attacker to execute arbitrary shell code as `root` via CLI commands.
References
| Link | Resource |
|---|---|
| https://fortiguard.com/psirt/FG-IR-22-046 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
07 Nov 2023, 03:45
| Type | Values Removed | Values Added |
|---|---|---|
| Summary | A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiADC version 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, 5.x.x allows attacker to execute arbitrary shell code as `root` via CLI commands. |
24 Feb 2023, 23:45
| Type | Values Removed | Values Added |
|---|---|---|
| References | (MISC) https://fortiguard.com/psirt/FG-IR-22-046 - Vendor Advisory | |
| CWE | CWE-78 | |
| CPE | cpe:2.3:a:fortinet:fortiadc:7.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiadc:*:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortiadc:7.0.0:*:*:*:*:*:*:* |
|
| First Time |
Fortinet fortiadc
Fortinet |
|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
16 Feb 2023, 19:39
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-02-16 19:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-27482
Mitre link : CVE-2022-27482
CVE.ORG link : CVE-2022-27482
JSON object : View
Products Affected
fortinet
- fortiadc
CWE
CWE-78
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')