Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
fortinetFortiGuard LabsFG-IR-21-047
HistorySep 07, 2021 - 12:00 a.m.

FortiWeb - OS Command Injection because of missing input parameter sanitization

2021-09-0700:00:00
FortiGuard Labs
www.fortiguard.com
10
fortiweb
command injection
missing input parameter
http requests
cwe-89

EPSS

0.001

Percentile

48.5%

JSON

Multiple improper neutralization of special elements vulnerabilities [CWE-89] used in a command in FortiWeb may allow an authenticated attacker to execute unauthorized code or commands via crafted parameters of HTTP requests.

Related

prion 1
cnvd 1
nvd 1
cvelist 1
cve 1
prion
prion
Command injection
2021-09-08 11:15:00
cnvd
cnvd
Fortinet FortiWeb Buffer Overflow Vulnerability
2021-09-09 00:00:00
nvd
nvd
CVE-2021-36182
2021-09-08 11:15:07
cvelist
cvelist
CVE-2021-36182
2021-09-08 10:20:57
cve
cve
CVE-2021-36182
2021-09-08 11:15:07

EPSS

0.001

Percentile

48.5%

JSON
Related for FG-IR-21-047
prion1cnvd1nvd1cvelist1cve1