CVE-2021-36182

Beschreibung:
A Improper neutralization of special elements used in a command (‚Command Injection‘) in Fortinet FortiWeb version 6.3.13 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests

CWE: CWE-78

CVSS-Bewertung
CVSS 2: MEDIUM – 6.5 (Version: 2.0)
CVSS 3: HIGH – 8.8 (Version: 3.1)

Links:

NVD – CVE-2021-36182
CVE – CVE-2021-36182

Link (max. 20) Quelle Tags
https://fortiguard.com/advisory/FG-IR-21-047 CONFIRM Vendor Advisory Vendor Advisory

Quelle: NVD – CVE-2021-36182
Datum Veröffentlichung: 2021-09-08T11:15Z, Datum letzte Änderung: 2021-09-14T17:39Z