OS command injection vulnerability
Summary
An OS command injection vulnerability in FortiWeb and FortiADC management interface may allow a remote authenticated administrator to execute arbitrary commands on the system via the SAML server configuration page.
Version | Affected | Solution |
---|---|---|
FortiADC 6.2 | 6.2.0 | Upgrade to 6.2.1 or above |
FortiADC 6.1 | 6.1.0 through 6.1.3 | Upgrade to 6.1.4 or above |
FortiADC 6.0 | 6.0.0 through 6.0.3 | Upgrade to 6.0.4 or above |
FortiWeb 6.4 | 6.4.0 | Upgrade to 6.4.1 or above |
FortiWeb 6.3 | 6.3.0 through 6.3.14 | Upgrade to 6.3.15 or above |
FortiWeb 6.2 | 6.2.0 through 6.2.4 | Upgrade to 6.2.5 or above |