Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities
March 9, 2023Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
March 9, 2023Rewterz Threat Advisory – Multiple Cisco IOS XR Software Vulnerabilities
March 9, 2023Rewterz Threat Advisory – Multiple Google Chrome Vulnerabilities
March 9, 2023Severity
High
Analysis Summary
CVE-2022-39951
Fortinet FortiWeb could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an OS command injection vulnerability. By sending a specially-crafted HTTP request, an attacker could exploit this vulnerability to execute arbitrary commands on the system.
Impact
- Command Execution
Indicators Of Compromise
CVE
- CVE-2022-39951
Affected Vendors
Fortinet
Affected Products
- Fortinet FortiWeb 6.3.11
- Fortinet FortiWeb 6.3.16
- Fortinet FortiWeb 6.3.20
- Fortinet FortiWeb 6.3.6
Remediation
Refer to FortiGuard Advisory for patch, upgrade or suggested workaround information.