Unrated severityNVD Advisory· Published Apr 11, 2023· Updated Oct 23, 2024
CVE-2022-40679
CVE-2022-40679
Description
An improper neutralization of special elements used in an OS command vulnerability [CWE-78] in FortiADC 5.x all versions, 6.0 all versions, 6.1 all versions, 6.2.0 through 6.2.4, 7.0.0 through 7.0.3, 7.1.0; FortiDDoS 4.x all versions, 5.0 all versions, 5.1 all versions, 5.2 all versions, 5.3 all versions, 5.4 all versions, 5.5 all versions, 5.6 all versions and FortiDDoS-F 6.4.0, 6.3.0 through 6.3.3, 6.2.0 through 6.2.2, 6.1.0 through 6.1.4 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.
Affected products
54.x, 5.0, 5.1, 5.2, 5.3, 5.4, 5.5, 5.6+ 2 more
- (no CPE)range: 4.x, 5.0, 5.1, 5.2, 5.3, 5.4, 5.5, 5.6
- (no CPE)range: 6.4.0
- (no CPE)range: 5.6.0
5.x, 6.0, 6.1, >=6.2.0 <=6.2.4, >=7.0.0 <=7.0.3, 7.1.0+ 1 more
- (no CPE)range: 5.x, 6.0, 6.1, >=6.2.0 <=6.2.4, >=7.0.0 <=7.0.3, 7.1.0
- (no CPE)range: 7.1.0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.