CVE-2021-41018

A improper neutralization of special elements used in an os command ('os command injection') in Fortinet FortiWeb version 6.4.1 and below, 6.3.15 and below allows attacker to execute unauthorized code or commands via crafted HTTP requests.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-21-166 Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*
cpe:2.3:a:fortinet:fortiweb:*:*:*:*:*:*:*:*

Information

Published : 2022-02-02 12:15

Updated : 2022-02-04 09:41


NVD link : CVE-2021-41018

Mitre link : CVE-2021-41018

Products Affected
No products.
CWE