FortiTester - Undocumented shell command

Summary

A hidden functionality vulnerability [CWE-1242] in FortiTester CLI may allow a local, privileged user to obtain a root shell on the device via an undocumented command.

Version           Affected               Solution
----------------  ---------------------  --------------------------
FortiTester 7.2   Not affected           Not Applicable
FortiTester 7.1   7.1.0                  Upgrade to 7.1.1 or above
FortiTester 7.0   7.0 all versions       Migrate to a fixed release
FortiTester 4.2   4.2.0                  Upgrade to 4.2.1 or above
FortiTester 4.1   4.1 all versions       Migrate to a fixed release
FortiTester 4.0   4.0 all versions       Migrate to a fixed release
FortiTester 3.9   3.9.0 through 3.9.1    Upgrade to 3.9.2 or above
FortiTester 3.8   3.8 all versions       Migrate to a fixed release
FortiTester 3.7   3.7 all versions       Migrate to a fixed release
FortiTester 3.6   3.6 all versions       Migrate to a fixed release
FortiTester 3.5   3.5 all versions       Migrate to a fixed release
FortiTester 3.4   3.4 all versions       Migrate to a fixed release
FortiTester 3.3   3.3 all versions       Migrate to a fixed release
FortiTester 3.2   3.2 all versions       Migrate to a fixed release
FortiTester 3.1   3.1 all versions       Migrate to a fixed release
FortiTester 3.0   3.0 all versions       Migrate to a fixed release
FortiTester 2.9   2.9 all versions       Migrate to a fixed release
FortiTester 2.8   2.8 all versions       Migrate to a fixed release
FortiTester 2.7   2.7 all versions       Migrate to a fixed release
FortiTester 2.6   2.6 all versions       Migrate to a fixed release
FortiTester 2.5   2.5 all versions       Migrate to a fixed release
FortiTester 2.4   2.4 all versions       Migrate to a fixed release
FortiTester 2.3   2.3 all versions       Migrate to a fixed release

Acknowledgement

Internally discovered and reported by Wilfried Djettchou of Fortinet Product Security team.