Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
January 5, 2023Rewterz Threat Alert – Matiex Malware – Active IOCs
January 5, 2023Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs
January 5, 2023Rewterz Threat Alert – Matiex Malware – Active IOCs
January 5, 2023Severity
High
Analysis Summary
CVE-2022-39947
Fortinet FortiADC could allow a remote authenticated attacker to execute arbitrary code on the system, caused by an OS command injection vulnerability. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary code on the system.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2022-39947
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiADC 6.2.0
Fortinet FortiADC 6.0.4 - Fortinet FortiADC 6.1.5
- Fortinet FortiADC 6.2.1Forti
- Fortinet FortiADC 5.4.5
- Fortinet FortiADC 7.0.2
- Fortinet FortiADC 7.0.0
Remediation
Refer to Fortinet Security Advisory for patch, upgrade or suggested workaround information.