Lucene search
PRIOn knowledge basePRION:CVE-2022-35845HistoryJan 03, 2023 - 5:15 p.m.
Command injection
2023-01-0317:15:00
PRIOn knowledge base
www.prio-n.com
3
command injection
fortitester
os command injection
vulnerabilities
cwe-78
authenticated attacker
arbitrary commands
underlying shell
Multiple improper neutralization of special elements used in an OS Command (‘OS Command Injection’) vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.
| CPE | Name | Operator | Version |
|---|---|---|---|
| fortitester | ge | 2.3.0 | |
| fortitester | le | 3.9.1 | |
| fortitester | eq | 7.0.0 | |
| fortitester | eq | 7.1.0 | |
| fortitester | eq | 4.0.0 | |
| fortitester | eq | 4.1.0 | |
| fortitester | eq | 4.1.1 | |
| fortitester | eq | 4.2.0 |
References
Related
fortinet
fortinet
FortiTester - Multiple command injection vulnerabilities in GUI and API
2023-01-03 00:00:00
nvd
nvd
CVE-2022-35845
2023-01-03 17:15:10
cve
cve
CVE-2022-35845
2023-01-03 17:15:10
cvelist
cvelist
CVE-2022-35845
2023-01-03 16:57:58
thn
thn