CVE-2022-33872

An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://fortiguard.com/psirt/FG-IR-22-237	Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:fortinet:fortitester::::::::
	cpe:2.3:a:fortinet:fortitester::::::::
	cpe:2.3:a:fortinet:fortitester::::::::

History

21 Oct 2022, 13:00

Type	Values Removed	Values Added
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.8
First Time		Fortinet fortitester Fortinet
CWE		CWE-78
References	~~(CONFIRM) https://fortiguard.com/psirt/FG-IR-22-237 -~~	(CONFIRM) https://fortiguard.com/psirt/FG-IR-22-237 - Vendor Advisory
CPE		cpe:2.3:a:fortinet:fortitester::::::::

18 Oct 2022, 16:00

Type	Values Removed	Values Added
New CVE

Information

Published : 2022-10-18 15:15

Updated : 2023-12-10 14:35

NVD link : CVE-2022-33872

Mitre link : CVE-2022-33872

CVE.ORG link : CVE-2022-33872

JSON object : View

Products Affected

fortinet

fortitester

CWE

CWE-78

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

{"id": "CVE-2022-33872", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}, {"type": "Secondary", "source": "psirt@fortinet.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 9.8, "attackVector": "NETWORK", "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 3.9}]}, "published": "2022-10-18T15:15:09.687", "references": [{"url": "https://fortiguard.com/psirt/FG-IR-22-237", "tags": ["Vendor Advisory"], "source": "psirt@fortinet.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-78"}]}], "descriptions": [{"lang": "en", "value": "An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in Telnet login components of FortiTester 2.3.0 through 3.9.1, 4.0.0 through 4.2.0, 7.0.0 through 7.1.0 may allow an unauthenticated remote attacker to execute arbitrary command in the underlying shell."}, {"lang": "es", "value": "Unas vulnerabilidades de neutralizaci\u00f3n inapropiada de los elementos especiales usados en un Comando del Sistema Operativo (\"Inyecci\u00f3n de Comandos del Sistema Operativo\") [CWE-78] en los componentes de inicio de sesi\u00f3n de Telnet de FortiTester versiones 2.3.0 hasta 3.9.1, 4.0.0 hasta 4.2.0, 7.0.0 hasta 7.1.0, puede permitir a un atacante remoto no autenticado ejecutar un comando arbitrario en el shell subyacente"}], "lastModified": "2022-10-21T13:00:32.270", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A56D42B-F3B0-419F-8F1B-2826E28436BD", "versionEndExcluding": "3.9.2", "versionStartIncluding": "2.3.0"}, {"criteria": "cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "FE2EA412-DFA8-4EA8-80B1-081B994AFEDC", "versionEndExcluding": "4.2.1", "versionStartIncluding": "4.0.0"}, {"criteria": "cpe:2.3:a:fortinet:fortitester:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B708B54C-64C3-4793-8F81-896CFCA2AFF9", "versionEndExcluding": "7.1.1", "versionStartIncluding": "7.0.0"}], "operator": "OR"}]}], "sourceIdentifier": "psirt@fortinet.com"}