virus logo PSIRT

Authenticated command injection in certificate import feature

Summary

An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to commands of the certificate import feature.

Version Affected Solution
FortiTester 7.2 Not affected Not Applicable
FortiTester 7.1 7.1.0 Upgrade to 7.1.1 or above
FortiTester 7.0 7.0 all versions Migrate to a fixed release
FortiTester 4.2 4.2.0 Upgrade to 4.2.1 or above
FortiTester 4.1 4.1 all versions Migrate to a fixed release
FortiTester 4.0 4.0 all versions Migrate to a fixed release
FortiTester 3.9 3.9.0 through 3.9.1 Upgrade to 3.9.2 or above
FortiTester 3.8 3.8 all versions Migrate to a fixed release
FortiTester 3.7 3.7 all versions Migrate to a fixed release
FortiTester 3.6 3.6 all versions Migrate to a fixed release
FortiTester 3.5 3.5 all versions Migrate to a fixed release
FortiTester 3.4 3.4 all versions Migrate to a fixed release
FortiTester 3.3 3.3 all versions Migrate to a fixed release
FortiTester 3.2 3.2 all versions Migrate to a fixed release
FortiTester 3.1 3.1 all versions Migrate to a fixed release
FortiTester 3.0 3.0 all versions Migrate to a fixed release
FortiTester 2.9 2.9 all versions Migrate to a fixed release
FortiTester 2.8 2.8 all versions Migrate to a fixed release
FortiTester 2.7 2.7 all versions Migrate to a fixed release
FortiTester 2.6 2.6 all versions Migrate to a fixed release
FortiTester 2.5 2.5 all versions Migrate to a fixed release
FortiTester 2.4 2.4 all versions Migrate to a fixed release
FortiTester 2.3 2.3 all versions Migrate to a fixed release

Acknowledgement

Internally discovered and reported by Wilfried Djettchou of Fortinet Product Security team.

Timeline

2022-10-10: Initial publication

IR Number FG-IR-22-247
Published Date Oct 10, 2022
Component GUI
Severity Medium
CVSSv3 Score 6.5
Impact Execute unauthorized code or commands
CVE ID CVE-2022-35844
CVRF Download