CVE-2022-27482
published 2023-02-16

High 7.8 (CVSS 3.1)
AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiADC versions 7.0.0 through 7.0.1, 6.2.0 through 6.2.2, 6.1.0 through 6.1.6, 6.0.x, and 5.x.x allows an attacker to execute arbitrary shell code as `root` via CLI commands.

Affected

14 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortiadc | | |
| fortinet | fortiadc | | |
| fortinet | fortiadc | | |
| fortinet | fortiadc | 5.0.0 – 5.0.4 | |
| fortinet | fortiadc | 5.1.0 – 5.1.7 | |
| fortinet | fortiadc | 5.2.0 – 5.2.8 | |
| fortinet | fortiadc | 5.3.0 – 5.3.7 | |
| fortinet | fortiadc | 5.4.0 – 5.4.5 | |
| fortinet | fortiadc | 6.0.0 – 6.0.4 | |
| fortinet | fortiadc | 6.1.0 – 6.1.6 | |
| fortinet | fortiadc | >= 6.2.0 < 6.2.4 | 6.2.4 |
| fortinet | fortiadc | 6.2.0 – 6.2.2 | |
| fortinet | fortiadc | 7.0.0 – 7.0.2 | |
| fortinet | fortinet | | |