FG-IR-22-352: Command injection due to an unsafe usage of function
First published: Tue Oct 10 2023(Updated: )
An improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerability [CWE-78 ] in FortiManager, FortiAnalyzer and FortiADC management interface may allow an authenticated attacker with at least READ permissions on system settings to execute arbitrary commands on the underlying shell due to an unsafe usage of the wordexp function.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Fortinet FortiADC | =. | |
| Fortinet FortiADC | >=7.0.0<=7.0.3 | |
| Fortinet FortiADC | >=6.2 | |
| Fortinet FortiADC | >=6.1 | |
| Fortinet FortiADC | >=6.0 | |
| Fortinet FortiAnalyzer | >=7.2.0<=7.2.2 | |
| Fortinet FortiAnalyzer | >=7.0.0<=7.0.7 | |
| Fortinet FortiAnalyzer | >=6.4.0<=6.4.11 | |
| Fortinet FortiAnalyzer | >=6.2 | |
| Fortinet FortiAnalyzer | >=6.0 | |
| Fortinet FortiManager | >=7.2.0<=7.2.2 | |
| Fortinet FortiManager | >=7.0.0<=7.0.7 | |
| Fortinet FortiManager | >=6.4.0<=6.4.11 | |
| Fortinet FortiManager | >=6.2 | |
| Fortinet FortiManager | >=6.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of FG-IR-22-352?
The severity of FG-IR-22-352 is classified as a serious OS Command Injection vulnerability that can be exploited by authenticated attackers.
How do I fix FG-IR-22-352?
To fix FG-IR-22-352, upgrade FortiManager, FortiAnalyzer, or FortiADC to the recommended patched versions specified in the advisory.
Which products are affected by FG-IR-22-352?
FG-IR-22-352 affects FortiManager, FortiAnalyzer, and FortiADC products across multiple versions.
What type of vulnerability is FG-IR-22-352?
FG-IR-22-352 is categorized as an OS Command Injection vulnerability as per the Common Weakness Enumeration (CWE-78).
Who can exploit FG-IR-22-352?
FG-IR-22-352 can be exploited by authenticated attackers who have at least READ permissions on system settings.
- agent/type
- agent/severity
- agent/title
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/first-publish-date
- agent/description
- agent/last-modified-date
- collector/fortiguard-psirt-latest
- source/FortiGuard
- alias/CVE-2023-25607
- agent/event
- agent/trending
- agent/source
- agent/tags
- collector/fortiguard-psirt
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/fortinet
- canonical/fortinet fortiadc
- version/fortinet fortiadc/.
- version/fortinet fortiadc/7.0.0
- version/fortinet fortiadc/7.0.3
- version/fortinet fortiadc/6.2
- version/fortinet fortiadc/6.1
- version/fortinet fortiadc/6.0
- canonical/fortinet fortianalyzer
- version/fortinet fortianalyzer/7.2.0
- version/fortinet fortianalyzer/7.2.2
- version/fortinet fortianalyzer/7.0.0
- version/fortinet fortianalyzer/7.0.7
- version/fortinet fortianalyzer/6.4.0
- version/fortinet fortianalyzer/6.4.11
- version/fortinet fortianalyzer/6.2
- version/fortinet fortianalyzer/6.0
- canonical/fortinet fortimanager
- version/fortinet fortimanager/7.2.0
- version/fortinet fortimanager/7.2.2
- version/fortinet fortimanager/7.0.0
- version/fortinet fortimanager/7.0.7
- version/fortinet fortimanager/6.4.0
- version/fortinet fortimanager/6.4.11
- version/fortinet fortimanager/6.2
- version/fortinet fortimanager/6.0