CVE-2023-23777

CVSS V2 None CVSS V3 None
Description
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in FortiWeb version 7.0.1 and below, 6.4 all versions, version 6.3.18 and below may allow a privileged attacker to execute arbitrary bash commands via crafted cli backup parameters.
Overview
  • CVE ID
  • CVE-2023-23777
  • Assigner
  • fortinet
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-07-11T08:49:41.131Z
  • Last Modified Date
  • 2023-07-11T08:49:41.131Z
References
Reference URL Reference Tags
https://fortiguard.com/psirt/FG-IR-22-131
History
Created Old Value New Value Data Type Notes
2024-06-25 08:55:52 Added to TrackCVE