How severe is CVE-2022-35845?

CVE-2022-35845 has a CVSS v3 score of 7.8 (HIGH).

CVE-2022-35845

Name: fortitester
Author: fortinet

7.8HIGH

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through

Publicado: 1/3/2023Atualizado: 11/21/2024

Descrição

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.

Análise IADesenvolvido por IA

Produtos Afetados

fortinetfortitester

4.0.0

fortinetfortitester

4.1.0

fortinetfortitester

4.1.1

fortinetfortitester

4.2.0

fortinetfortitester

7.0.0

fortinetfortitester

7.1.0

Referências

https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory
https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory