PSIRTAuthenticated command injection in FortiGuard explicit proxy setting
Summary
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in the management interface of FortiTester may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
| Version | Affected | Solution |
|---|---|---|
| FortiTester 7.3 | Not affected | Not Applicable |
| FortiTester 7.2 | 7.2 all versions | Migrate to a fixed release |
| FortiTester 7.1 | 7.1 all versions | Migrate to a fixed release |
| FortiTester 7.0 | 7.0 all versions | Migrate to a fixed release |
| FortiTester 4.2 | 4.2 all versions | Migrate to a fixed release |
| FortiTester 4.1 | 4.1 all versions | Migrate to a fixed release |
| FortiTester 4.0 | 4.0 all versions | Migrate to a fixed release |
| FortiTester 3.9 | 3.9 all versions | Migrate to a fixed release |
| FortiTester 3.8 | 3.8 all versions | Migrate to a fixed release |
| FortiTester 3.7 | 3.7 all versions | Migrate to a fixed release |
| FortiTester 3.6 | 3.6 all versions | Migrate to a fixed release |
| FortiTester 3.5 | 3.5 all versions | Migrate to a fixed release |
| FortiTester 3.4 | 3.4 all versions | Migrate to a fixed release |
| FortiTester 3.3 | 3.3 all versions | Migrate to a fixed release |
| FortiTester 3.2 | 3.2 all versions | Migrate to a fixed release |
| FortiTester 3.1 | 3.1 all versions | Migrate to a fixed release |
| FortiTester 3.0 | 3.0 all versions | Migrate to a fixed release |
Acknowledgement
Internally discovered and reported by Wilfried Djettchou of Fortinet Product Security team.Timeline
2023-09-01: Initial publication