Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An OS command injection (CWE-78) vulnerability in FortiWAN version 4.5.7 and below Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.An OS command injection (CWE-78) vulnerability in FortiWAN Command Line Interface may allow a local, authenticated and unprivileged attacker to escalate their privileges to root via executing a specially-crafted command.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
OS命令中使用的特殊元素转义处理不恰当(OS命令注入)
Vulnerability Title
Avfirewalls FortiWAN 操作系统命令注入漏洞
Vulnerability Description
Avfirewalls FortiWAN是美国Avfirewalls公司的一个网络设备。用于平衡多个WAN连接上的Internet和Intranet流量。 FortiWAN 存在操作系统命令注入漏洞,该漏洞源于在处理某些操作系统命令时输入验证不当。攻击者可利用该漏洞允许本地用户升级对系统的特权。
CVSS Information
N/A
Vulnerability Type
N/A