Fortinet FortiADC command execution | CVE-2022-39947

DESCRIPTION

Fortinet FortiADC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an OS command injection vulnerability. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVSS 3.0 Information

Privileges Required: Low
User Interaction: None
Scope: Unchanged
Access Vector: Network

A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.

If you like the site, please support us on Patreon using the button below

To keep up to date follow us on the below channels.

Click Above for Telegram

Click Above for Discord

Click Above for Reddit

Click Above For LinkedIn
NAME

Fortinet FortiADC command execution
- Platforms Affected:
  Fortinet FortiADC 6.0.4
  Fortinet FortiADC 6.1.5
  Fortinet FortiADC 6.2.0
  Fortinet FortiADC 6.2.1
  Fortinet FortiADC 5.4.5
  Fortinet FortiADC 7.0.2
  Fortinet FortiADC 7.0.0
- Risk Level:
  8.8
- Exploitability:
  Unproven
- Consequences:
  Gain Access
DESCRIPTION

Fortinet FortiADC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an OS command injection vulnerability. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code on the system.

CVSS 3.0 Information
- Privileges Required: Low
- User Interaction: None
- Scope: Unchanged
- Access Vector: Network
  
  A considerable amount of time and effort goes into maintaining this website, creating backend automation and creating new features and content for you to make actionable intelligence decisions. Everyone that supports the site helps enable new functionality.
  
  If you like the site, please support us on Patreon using the button below
  
  To keep up to date follow us on the below channels.
  
  Click Above for Telegram
  
  Click Above for Discord
  
  Click Above for Reddit
  
  Click Above For LinkedIn
  
  Continue Reading
  
  Previous Daily Vulnerability Trends: Thu Jan 05 2023
  Next Daily Vulnerability Trends: Fri Jan 06 2023

Fortinet FortiADC command execution | CVE-2022-39947

DESCRIPTION

NAME

DESCRIPTION

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

DESCRIPTION

NAME

DESCRIPTION

You may have missed

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases One Industrial Control Systems Advisory

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog