VYPR
Unrated severityNVD Advisory· Published Sep 6, 2022· Updated Oct 22, 2024

CVE-2022-35847

CVE-2022-35847

Description

An improper neutralization of special elements used in a template engine vulnerability [CWE-1336] in FortiSOAR management interface 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4 may allow a remote and authenticated attacker to execute arbitrary code via a crafted payload.

Affected products

2
  • Fortinet/Fortisoarllm-fuzzy2 versions
    7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4+ 1 more
    • (no CPE)range: 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4
    • (no CPE)range: FortiSOAR 7.2.0, 7.0.0 through 7.0.3, 6.4.0 through 6.4.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.