OS Command Injection Vulnerability in Fortinet FortiWeb and FortiADC Products
CVE-2022-43948
6.5MEDIUM
What is CVE-2022-43948?
An OS command injection vulnerability exists in Fortinet's FortiWeb and FortiADC products, allowing attackers to execute arbitrary commands by sending specially crafted input to existing commands. This vulnerability affects various versions of FortiWeb and FortiADC, posing a significant security risk. Proper input validation and filtering are essential to mitigate the risk of unauthorized code execution.
Affected Version(s)
FortiADC 7.1.0 <= 7.1.1
FortiADC 7.0.0 <= 7.0.3
FortiADC 6.2.0 <= 6.2.6