How severe is CVE-2022-35845?

CVE-2022-35845 has a CVSS v3 score of 7.8 (HIGH).

CVE-2022-35845

Name: fortitester
Author: fortinet

7.8HIGH

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through

发布于: 1/3/2023更新于: 11/21/2024

描述

Multiple improper neutralization of special elements used in an OS Command ('OS Command Injection') vulnerabilities [CWE-78] in FortiTester 7.1.0, 7.0 all versions, 4.0.0 through 4.2.0, 2.3.0 through 3.9.1 may allow an authenticated attacker to execute arbitrary commands in the underlying shell.

AI分析AI驱动

受影响产品

fortinetfortitester

4.0.0

fortinetfortitester

4.1.0

fortinetfortitester

4.1.1

fortinetfortitester

4.2.0

fortinetfortitester

7.0.0

fortinetfortitester

7.1.0

参考资料

https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory
https://fortiguard.com/psirt/FG-IR-22-274
PatchVendor Advisory