Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://fortiguard.com/psirt/FG-IR-21-060 |
History
Fri, 25 Oct 2024 14:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
MITRE
Status: PUBLISHED
Assigner: fortinet
Published: 2022-04-06T09:15:26
Updated: 2024-10-25T13:33:53.241Z
Reserved: 2021-01-13T00:00:00
Link: CVE-2021-24009
Vulnrichment
Updated: 2024-08-03T19:14:10.030Z
NVD
Status : Modified
Published: 2022-04-06T10:15:07.827
Modified: 2024-11-21T05:52:11.923
Link: CVE-2021-24009
Redhat
No data.