How severe is CVE-2022-35845?

CVE-2022-35845 has a CVSS v3 score of 7.8 (HIGH).

CVE-2022-35845

Name: fortitester
Author: fortinet

7.8HIGH

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through

Published: 1/3/2023Updated: 11/21/2024

Description

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.

AI AnalysisPowered by AI

Affected Products

fortinetfortitester

4.0.0

fortinetfortitester

4.1.0

fortinetfortitester

4.1.1

fortinetfortitester

4.2.0

fortinetfortitester

7.0.0

fortinetfortitester

7.1.0

References

https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory
https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory