CVE-2022-29061
published 2022-09-09CVE-2022-29061: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows…
high7.2CVSS 3.1
AVNACLPRHUINSUCHIHAH
An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiSOAR before 7.2.1 allows an authenticated attacker to execute unauthorized code or commands via crafted HTTP GET requests.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortinet_fortisoar | — | — |
| fortinet | fortisoar | — | — |
| fortinet | fortisoar | — | — |
| fortinet | fortisoar | 6.4.1 – 6.4.4 | — |
| fortinet | fortisoar | >= 7.0.0 < 7.0.3 | 7.0.3 |