CVE-2022-39951
Published 2023-03-07
Priority P2 · 63 · High · CVSS 3.1: 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)
EPSS: 1.75% (75.1th percentile)
An improper neutralization of special elements used in an OS command ('OS command injection') in Fortinet FortiWeb version 7.0.0 through 7.0.2, FortiWeb version 6.3.6 through 6.3.20, and FortiWeb 6.4 all versions allows an attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| fortinet | fortinet | — | — |
| fortinet | fortiweb | — | — |
| fortinet | fortiweb | 6.3.6 – 6.3.20 | — |
| fortinet | fortiweb | 6.4.0 – 6.4.2 | — |
| fortinet | fortiweb | 7.0.0 – 7.0.2 | — |
Detection & IOCs (extracted from sources)
- Vulnerability is triggered via specially crafted HTTP requests targeting Fortinet FortiWeb; monitor for anomalous or malformed HTTP requests to FortiWeb management interfaces.
- OS command injection (CWE-78) in FortiWeb: inspect HTTP request parameters for shell metacharacters or command injection payloads directed at FortiWeb endpoints.
- Affected versions span multiple branches: FortiWeb 7.0.0–7.0.2, FortiWeb 6.3.6–6.3.20, and FortiWeb 6.4 all versions; ensure version fingerprinting covers all three branches during detection/triage.
- CVSS score of 7.2 (High) indicates the attacker likely requires some level of authentication or network access; scope detection rules accordingly (e.g., authenticated management sessions).
Source: Fortinet advisory FG-IR-22-254 (vendor_fortinet, 2023-03-07)
CVEs: CVE-2022-39951
CWEs: CWE-78
CVSS: 7.2 (high)
Affected products: FortiWeb, Fortinet
Source: GHSA-cc3m-mjrm-p527 (ghsa_unreviewed, 2023-03-07), severity HIGH, CWE-78
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.