Unrated severityNVD Advisory· Published Apr 6, 2022· Updated Oct 25, 2024
CVE-2021-24009
CVE-2021-24009
Description
Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE-78) in the Web GUI of FortiWAN before 4.5.9 may allow an authenticated attacker to execute arbitrary commands on the underlying system's shell via specifically crafted HTTP requests.
Affected products
2Patches
Vulnerability mechanics
References
1- fortiguard.com/psirt/FG-IR-21-060mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.